General

  • Target

    042cf634bc6848bdeb913e437d64e7be_JaffaCakes118

  • Size

    182KB

  • Sample

    240622-2hphqaxere

  • MD5

    042cf634bc6848bdeb913e437d64e7be

  • SHA1

    705847f0a040051a70069bf462613937d24dfba8

  • SHA256

    7821c8bb398df90703947a6e5c45c0a830d3ff487e1d39e7fa34cbdd087b91bd

  • SHA512

    1c57bbc5b1e2be4028cdf09555e6938ce61bb0011afb431c13dc8bba9894eadac904f443eac939a4c30d21f3144ced7f4dada5378f31f75fadf0bc0251bf1240

  • SSDEEP

    3072:+8YdNuuIN+ZL5mEvnESuifG+3vw+XOSYtVZoAN48YdNuuIN+ZL5mEvnESuifG+3g:+5dPfnBuH+3o+9b5dPfnBuH+3o+9

Malware Config

Targets

    • Server Software Component: Terminal Services DLL

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Drops file in System32 directory
