General

  • Target

    5042ac80e753507bcce6e3a0cf4b9416_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240517-s9naaseh2x

  • MD5

    5042ac80e753507bcce6e3a0cf4b9416

  • SHA1

    ae000d5dccea1bb9f04f9fbaf11dfcbea1d53dcb

  • SHA256

    48f0caea82c90881533f80cd73dd8d179f16145f66955c1add7ca1889e6e8b2d

  • SHA512

    d455c3edef7087baf82c0c6c2c814abf730b1aab9359ef88e5c6554a8576ed610261ac4de08fc88496c9f40861501eb54a8b5e8180ac2d75ba87fb73bb8d6b3c

  • SSDEEP

    24576:O/gFpeW4ED0V1k/bSfMO3V8yypRtb2h6xU8dj5kkr6Got7:OYTDN/bir8yEvnU8dVkJt7

Score
8/10

Malware Config

Targets

    • Target

      5042ac80e753507bcce6e3a0cf4b9416_JaffaCakes118

    Score
    8/10
    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks