General

  • Target

    2c2248aec7c92b56ddbb493e84dfaddd_JaffaCakes118

  • Size

    169KB

  • Sample

    240708-nfa1nayeja

  • MD5

    2c2248aec7c92b56ddbb493e84dfaddd

  • SHA1

    4dd1767b3f305999a80aa3a5f36776d9587a1afb

  • SHA256

    a33b11b4add719f4674e95c3a45a66b40c76b4c531f671f6677b1b88d0c01ad4

  • SHA512

    c26f4e4559511f34d92ece2eb3728754c6fc77382e183c6f84429b4b0fd46ef16d4f1d4d357d01e9ec1ca28ac172ae237c6e4402293310faad69ba8a6908f7e3

  • SSDEEP

    3072:NP/0iJ1CtTsYebjNdBnwEq0B3I+5b3Qrr8V:NP/Pwlytd1lB4oU+

Score
10/10

Targets

    • Target

      2c2248aec7c92b56ddbb493e84dfaddd_JaffaCakes118

    • KPOT

      KPOT is an information stealer that steals user data and account credentials.

    • KPOT Core Executable

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself
