General

  • Target

    6b0241a7c15a54f66ef753d8a6cdfb49_JaffaCakes118

  • Size

    524KB

  • Sample

    240523-p56pasbd95

  • MD5

    6b0241a7c15a54f66ef753d8a6cdfb49

  • SHA1

    77934b75c9772140fddf10b051134582b0609665

  • SHA256

    cfa74acf53afaa2fd61de7ef079cdc4a33dbff99c9f4a93d49570d4aaf52b8e2

  • SHA512

    ea92a80b221721c37cf643c17d8c4251109314cfff85f454c5b6be5055e3a1ffc0a5466b79329147745fa737d3559169565cb64e5333b7e4e2477175e3f80867

  • SSDEEP

    12288:KgIdCFdSZHZZQEnI0qoXKvawR0driSKUdWLlERv3NyvJqD:BYYSZ5ZQNiKvawRpAdQER/NyvED

Score
10/10

Targets

    Score
    10/10
    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Cryptocurrency Miner

      Makes a network request to a known mining pool URL.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15