General

  • Target

    454d20ca3452c7ccc51da7a0ccb7e55d_JaffaCakes118

  • Size

    43KB

  • Sample

    240714-ltd85axhre

  • MD5

    454d20ca3452c7ccc51da7a0ccb7e55d

  • SHA1

    c218de2d7c18a788f0f655ac2a3db4c729a3d40b

  • SHA256

    8e54e6d5ed7ea5338370375a1ed4caa74539389c78cedbcfc3b185354121c5f2

  • SHA512

    b754b1a574c274f46d80d2d19932d6298a042d040c7f466cfa2bc40afbca3d55720d51610485bd3640702c4254bbc8425416b6ea67a3998119ad16576352e850

  • SSDEEP

    768:3PJadenAqtYQnaXH96rV2kllriFqR7Atmqfvfj7sMC72ZWzFwKF/Kpplc:3PnAClrVLTrEqNAxvXsf7rzV/KpXc

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies WinLogon

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks