General

  • Target

    001496fe6fa6d81e5d3286a79acce639_JaffaCakes118

  • Size

    36KB

  • Sample

    240619-xqn5psxdmd

  • MD5

    001496fe6fa6d81e5d3286a79acce639

  • SHA1

    d1f7fd0d9a2db9386d974a74a1f73027fc1db938

  • SHA256

    0eb1745b793d151087e37ae1b411e7a24d5d52be11f9e8a92d994e16d1a03f0f

  • SHA512

    6ac2efb34f4ce13ed51bd0f6fb04d1f2e2acba213f098ef8a6ca526121835ba8d950fe8dacdb052a672d305c84aafbaa13b9acc79a7e5abe05ef47a55b2e7f4c

  • SSDEEP

    768:YfZd8dJN5kXcyXrCD1tDMByGqnxGm3+2VW:YQdEcyXrC/GsnsIVW

Targets

    • Target

      001496fe6fa6d81e5d3286a79acce639_JaffaCakes118

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

MITRE ATT&CK Enterprise v15
