General

  • Target

    555e88c9f0cbf85051ec1226fca00bc5_JaffaCakes118

  • Size

    173KB

  • Sample

    240718-abmxrsyhka

  • MD5

    555e88c9f0cbf85051ec1226fca00bc5

  • SHA1

    b3dbe2a810f9916513d74a5d618239b0f6d09528

  • SHA256

    c6c05aef40f5b14ed26fa7a9ec1c3d411200aa0c355e0cc752e0781f125febb6

  • SHA512

    915d173b8c78d7df0859c9d6b7beb586ebffda60c37e2e25bb13e022180617f92f660817d3837364262a7761d7d9ad4ebd77851d0d30d344ad5314bbe245e25c

  • SSDEEP

    3072:KIFhbZtrtkrFPQOEbpFE7plQLiaf08OCfJLNyFg0kr:Kip3OEbQ7pKmC0hCfJLNybkr

Targets

    • Target

      555e88c9f0cbf85051ec1226fca00bc5_JaffaCakes118

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
