General

  • Target

    04c48474effe806d763f1cd9aad1f771_JaffaCakes118

  • Size

    13KB

  • Sample

    240620-ljsnrszgqh

  • MD5

    04c48474effe806d763f1cd9aad1f771

  • SHA1

    930d332fdea022570b33f06a1623c38f914ce42e

  • SHA256

    be1510cef2805164f0d0a459865109f0caf010043744a20c3d32576f222f4448

  • SHA512

    023b0f338b9148619397c3a479732f327b9f22329c8281e07c1f2818a35ea94b67a0dfe269b39fcb4925c79e72adc1f1556d117d0f00148de8a270409583eb7d

  • SSDEEP

    192:Ci2mxLyC5Tl79TzTTU+3HfUw4WjZHaHrPSUcofuzG/4X1xN/vGO97ilHRmtDuuWY:F7Tl71fXfJ4WFgrPSb4u6/4pzib+iJnY

Malware Config

Targets

    • Target

      04c48474effe806d763f1cd9aad1f771_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check before the payload runs.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that Internet Explorer loads as plugins on startup, which gives a dropped DLL both persistence and access to the user's browsing sessions.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks