General

  • Target

    04b746e89b7de3be76cf0f257ef145e6_JaffaCakes118

  • Size

    23KB

  • Sample

    240620-lekglathnp

  • MD5

    04b746e89b7de3be76cf0f257ef145e6

  • SHA1

    d2b53fe61d29f65eb7089f461aecefd49ee42da4

  • SHA256

    de112298823fe712908ff89dcb9eba2784cc762c8feb677d9b81d7f12d4f2136

  • SHA512

    a9d54de20f868f52d09e728134d17e2fb854a2c44a41cdce4a0fcd27cb2a92c8a2cfe0510053575ecf357ab753e5e9379382f88e14e8ea96c4b9f6033a0dec43

  • SSDEEP

    384:jn6tj82SUhFzNZV41PooN6LGoGozH3sT4ITyIFwMp65+fcK6YtuBBC5aqC2:mnHhNNZVQPooNiG0cHuIFzoWcfKuTC3C

Targets

    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
