General

  • Target

    a6001234b63e417f465d7177980369d7_JaffaCakes118

  • Size

    5.6MB

  • Sample

    240613-rqbxgswhmp

  • MD5

    a6001234b63e417f465d7177980369d7

  • SHA1

    558379bb741e55a50c71f9a3de2f6e91cb5c9cce

  • SHA256

    1f9ea074336d4002798a75c2431d27adbc09caf302acc1a8fcd73bfb2ac761fd

  • SHA512

    e262ddc4995073483dd6be4144ea644f1395cdef6e95fdae8c8190d15be726f86651f0fde8b1a264c7f05858b7729133d950bf64bc0f0261276af0410be075c4

  • SSDEEP

    98304:2q8NLZaSsyj7TVD7e4EWvqSJd+jmb7f/uI8u+q5JZth+mQdxl66heieuAq6Nybn4:2Dkyj7TNGk+yntuQJJ+maIuAq6NwTMD

Malware Config

Targets

    • Target

      a6001234b63e417f465d7177980369d7_JaffaCakes118

    • Size

      5.6MB


    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      $PLUGINSDIR/speedupmypc.exe

    • Size

      5.9MB

    • MD5

      b644360d462de0ceb35bb619129d90b2

    • SHA1

      18669d3f87e61b4427f7828c841e80a7da978661

    • SHA256

      c91bfe51a62d727e60329d545bede02be8aed9f8432205aad3582268b912af55

    • SHA512

      495f80f6d22084c39db73d995e951d42451ecea2698fce54a594902ab472f8b23fc4fd58da2e1503a03fb6e3c00dc352b037fc5cd835e98248851588ba141b4b

    • SSDEEP

      98304:8Mm61aIQWU7P+D8BvEWoDfVW+RBILhmhQpYR3Q8oblLIE+kS/6JfqeXTq6TKt4sU:Y1WU7P8hq+KU+Gg8WLIwpXTq6Tul5G

    • Score

      7/10

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks