General

  • Target

    0482b3f2a4ba95ccb7c88381d1fc9719_JaffaCakes118

  • Size

    32KB

  • Sample

    240620-kwb14syfjg

  • MD5

    0482b3f2a4ba95ccb7c88381d1fc9719

  • SHA1

    85cf3021ca5877e58632205c191ee96616f31dc2

  • SHA256

    c59e23c9b34ea3050b97f0e4e9eb1e1b197e7a460cc17bc04c4495d74ebe1dd9

  • SHA512

    8653a27b27f9caa1c0d2474210c2200e95438a891f5a56647b80d0f5746ba2469c9c34b99556002b69e61a3148e3e78329619e92281205b0c86d122de1b925db

  • SSDEEP

    768:3p315uXz1i1k4fK+PLs+XWG7tFUCnu8o1Z3mFZs9:3ByXaPs+XFz3G3OC

Targets

    • Event Triggered Execution: AppInit DLLs

      Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.

    • Deletes itself

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15
