General

  • Target

    4f183565fef44ff8c3519fb87dee9da2_JaffaCakes118

  • Size

    386KB

  • Sample

    240517-jw54hsgh82

  • MD5

    4f183565fef44ff8c3519fb87dee9da2

  • SHA1

    b291bd572fcf8f04afc15b2a13f484bbb1c3a5f2

  • SHA256

    7c5fdd36fe745bce894ca7dfc83471e2da643a7e19a99925d72982a20eb0450b

  • SHA512

    5800430e82f1b34438e0bb86c4baefec9d2a2b32949961dbf8f1ba7ca4d441af9b492bded0d1194dc3b6c25a81ea323b5926858cb0cb208f41628d5017fe0bb7

  • SSDEEP

    6144:Nx1J8CG1KzE5JF1TS904W1fYtnyuoVkGKmh94OkmFPsxGl7quSL/:31VQKY5JFRSustnqC3MxkmF0u2uSj

Targets

    • Target

      4f183565fef44ff8c3519fb87dee9da2_JaffaCakes118

    • QNodeService

      Trojan/stealer written in Node.js and spread via a Java downloader.

    • Executes dropped EXE

    • Modifies file permissions
