General

  • Target

    24f9d4d31b60d0bb1d0426cdd4c73f20_JaffaCakes118

  • Size

    143KB

  • Sample

    240704-he6haa1emb

  • MD5

    24f9d4d31b60d0bb1d0426cdd4c73f20

  • SHA1

    f54f13f35260f55cd08a3de5ea790431c47cd1c0

  • SHA256

    5055283c3cadcdf5cd027d50ee3db19aebc9adbd04d11e2897296eed1edf7004

  • SHA512

    c8b640c06a6afc8c46873556fe282c6cc9f50c42d38cdee5ce2a97983731ee470632403d332b17a090e236eebf76795895bd9f7f6b458a34c95a901ce16e04da

  • SSDEEP

    1536:nyqdahk08vPzRg6Jj5qesYHcRv75KCGaEFhYgw4ziQelYUfcBiubdzLsFVlxVGxe:yWZvPa6Dqx75KCMWgpsJuVMVlxB2u

Targets

    • Creates new service(s)

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
