General

  • Target

    64119aa0b6a3110f625b073170593df6_JaffaCakes118

  • Size

    488KB

  • Sample

    240521-vkl22scd43

  • MD5

    64119aa0b6a3110f625b073170593df6

  • SHA1

    5b22347aaa18af722aac5c7a3484b96542240497

  • SHA256

    270cbd6409f932367cc6953dce42d9aee89f66d722a4cf6196cadf7401217937

  • SHA512

    8f19eab7becf113f297c373ad9a79f9987913851dd2cb5fd5d2b3698c4d1ddd5123e212abf7c5344a9362a35979b9356c390b07f8d3f2ad0148b4f93f6f320be

  • SSDEEP

    12288:5auUsBJJ7qeBAU/HKPrpE4wcsQoqurCMu:kuUeJ7qPU/HqlfwcsQ2mM

Targets

    • Target

      64119aa0b6a3110f625b073170593df6_JaffaCakes118

    • Creates new service(s)

    • Drops startup file

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Drops file in System32 directory
