General

  • Target

    9b2389f7bc9a36ff75b19542b3d6806f_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240610-sraaqa1cpc

  • MD5

    9b2389f7bc9a36ff75b19542b3d6806f

  • SHA1

    db650ee73e87863af6e854450225f0c2858e69a7

  • SHA256

    8ed8f3c567623e5f2ef2ef8371f602de67de1d33ce4cc9aeb932ef27e8e21e6e

  • SHA512

    14f26df215ed9f83b5c734470cafb0cef5d94ca1ee800544f1d8f82fbf139fe3426ca53da6de163dd6661196f3bc6ea03a1c276634f3c46550fb43825efab788

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5lCx7kvRWa4pXHafss:NAB4

Malware Config

Targets

    • xmrig

      XMRig is a high-performance, open-source, cross-platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      PowerShell Invoke-WebRequest.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX or modified UPX open-source packer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks