General

  • Target

    0190af5f6200bbfa0474b75e3e7d618a_JaffaCakes118

  • Size

    800KB

  • Sample

    240622-l5zn7sxdmp

  • MD5

    0190af5f6200bbfa0474b75e3e7d618a

  • SHA1

    b7914d74de6a3cca2b5247aea518deae9b2b0d59

  • SHA256

    e36e200b6f1a0e3d163b32993b0abc76f194508ceaed1b532f720bad21eacde3

  • SHA512

    7ca49327fa971fac59176e4aecaa2af407a93ed01b2f3bca3d77d0abe661727599ff37bceba4c85a9b02ebe6be6701bf6c124a274d258a657b884ca44ac1f2c5

  • SSDEEP

    24576:hTRnM5kXCyJ+PaSxYnsddUaVyJB44sieBy:hTREkSyyaSp3yJB4TBy

Malware Config

Targets

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks