General

  • Target

    57c7e1c927fd1a70a62f9a99fcf605e9_JaffaCakes118

  • Size

    374KB

  • Sample

    240519-beek8sab78

  • MD5

    57c7e1c927fd1a70a62f9a99fcf605e9

  • SHA1

    fb9dc677bda7d868fb64b381daf0f623fb591887

  • SHA256

    5c891c8b82f693d4f5cbef73c20138d61ab8e7163559d8fda56996f1219be9e1

  • SHA512

    393fdb207595f4959c95684ebcd7a4332c96d23e67b020e17821ddddc6d9726c4f9bc9d62ac750def8bf83574a9a381b7a0a9ad81477e0a4a26a5a790374dc89

  • SSDEEP

    6144:1Ar38qxBAPUU4gxHB3BTce6qHmQArH4N1Z2KQaw7JKefJYWT3zwrkYaYCRMa1QH1:1ZmBLU44hVBvArYPIKQa4Ke56kNYCRML

Malware Config

Targets

    • Target

      57c7e1c927fd1a70a62f9a99fcf605e9_JaffaCakes118

    • Size

      374KB

    • MD5

      57c7e1c927fd1a70a62f9a99fcf605e9

    • SHA1

      fb9dc677bda7d868fb64b381daf0f623fb591887

    • SHA256

      5c891c8b82f693d4f5cbef73c20138d61ab8e7163559d8fda56996f1219be9e1

    • SHA512

      393fdb207595f4959c95684ebcd7a4332c96d23e67b020e17821ddddc6d9726c4f9bc9d62ac750def8bf83574a9a381b7a0a9ad81477e0a4a26a5a790374dc89

    • SSDEEP

      6144:1Ar38qxBAPUU4gxHB3BTce6qHmQArH4N1Z2KQaw7JKefJYWT3zwrkYaYCRMa1QH1:1ZmBLU44hVBvArYPIKQa4Ke56kNYCRML

    • QNodeService

      Trojan/stealer written in NodeJS and spread via Java downloader.

    • Executes dropped EXE

    • Modifies file permissions

MITRE ATT&CK Enterprise v15

Tasks