General

  • Target

    724141c6922ab8e19c262d269aa8aee1_JaffaCakes118

  • Size

    425KB

  • Sample

    240525-rq3efaff41

  • MD5

    724141c6922ab8e19c262d269aa8aee1

  • SHA1

    0d2bf53fa5138aa22b1585f5c5093dfbe65dfcd0

  • SHA256

    a3b9d353ef66b0e9f9920e9f4d520e67e40f9f8ac855edf42bfa3be4492fcf1d

  • SHA512

    56bf9442c7d94ffcef529d9790dfda4690e6f97377b18c085d15ff01dddeeedc045099bb497c782d7436d7550b8d9961c9433a6ba1fee961eb24bceecd734d74

  • SSDEEP

    12288:whSM3uQPBuy9mwsG+BXT4zsvuXEAr/qWy5khwG/:whSUuQpBxsG+NT4dXrriWGSH/

Malware Config

Targets

    • Target

      724141c6922ab8e19c262d269aa8aee1_JaffaCakes118

    • QNodeService

      Trojan/stealer written in NodeJS and spread via Java downloader.

    • Executes dropped EXE

    • Modifies file permissions
