General

  • Target

    02f7c49550fe991be84cc23ca6d8eb28_JaffaCakes118

  • Size

    107KB

  • Sample

    240620-fjz5ysvanq

  • MD5

    02f7c49550fe991be84cc23ca6d8eb28

  • SHA1

    7fdd30ba9c29c62de52c361d3f6886082bfecd29

  • SHA256

    1a314cc3714d546cae5f7524c83b1f7a734e295d1c00ec1346c5f5bf2eaf0471

  • SHA512

    98703e0787373cd663fa7ee895d351d3e52412e8d18f38a87563956ee3e9ba84b2ad8c54c0f59552ce32c6aa4d567f5b790b0b365500c2ab04b7337aefe34b02

  • SSDEEP

    3072:PM74GNrvGpxnUJqaMh6rFoiN0GhtXyK7ytm8:Pd+e/n5aMh6r+iN0mAr

Malware Config

Targets

    • Target

      02f7c49550fe991be84cc23ca6d8eb28_JaffaCakes118

    • Size

      107KB

    • MD5

      02f7c49550fe991be84cc23ca6d8eb28

    • SHA1

      7fdd30ba9c29c62de52c361d3f6886082bfecd29

    • SHA256

      1a314cc3714d546cae5f7524c83b1f7a734e295d1c00ec1346c5f5bf2eaf0471

    • SHA512

      98703e0787373cd663fa7ee895d351d3e52412e8d18f38a87563956ee3e9ba84b2ad8c54c0f59552ce32c6aa4d567f5b790b0b365500c2ab04b7337aefe34b02

    • SSDEEP

      3072:PM74GNrvGpxnUJqaMh6rFoiN0GhtXyK7ytm8:Pd+e/n5aMh6r+iN0mAr

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

MITRE ATT&CK Enterprise v15

Tasks