General

  • Target

    18e6fbf3a7799ead04694742028458de_JaffaCakes118

  • Size

    701KB

  • Sample

    240628-fwxklavhrl

  • MD5

    18e6fbf3a7799ead04694742028458de

  • SHA1

    cc42326f7cd7d68bb4a5f78e6b9807bb1c92d6d5

  • SHA256

    60797554cc5556d0a2e631d34a599a110b620cfdd2438a049ebe355699f510fa

  • SHA512

    48ad9211e79b1e3f35b191a06d1f19f4c32291c598b21f117c8d6f90bd1ca18ab134d35c726405ab63a233c180e708ea23db2a436f052d763457aed476fb2a87

  • SSDEEP

    12288:hqpX2zPf0bvoLsU+FKN0fCskD1RtcnzepMqBCz3gI:cOPMrGL+FKNAe1RtkzepMqBCkI

Targets

    Score: 10/10
    • FlawedAmmyy RAT

      Remote-access trojan based on leaked code for the Ammyy remote admin software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.
