General

  • Target

    05249ba011e37357aec2a1a92837ddf5_JaffaCakes118

  • Size

    1.7MB

  • Sample

    240728-b4k5batgmg

  • MD5

    05249ba011e37357aec2a1a92837ddf5

  • SHA1

    255be635f7dbd299e7add966a629a3a4e23aa39b

  • SHA256

    5b936c0ac0903e80a0a9cc1ec802d041143823948df6181574e8752aac262691

  • SHA512

    0ca461bcc6bb38edaa05f24c5a1a9809af25404bace67620ed014c6c260c564e1f89a43f0501cc31d02ab5d341654bc37782c507c1ce3e6c7caf36561d1e10bd

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82SnMC:NAB6

Malware Config

Targets

    • Target

      05249ba011e37357aec2a1a92837ddf5_JaffaCakes118

    • Size

      1.7MB

    • MD5

      05249ba011e37357aec2a1a92837ddf5

    • SHA1

      255be635f7dbd299e7add966a629a3a4e23aa39b

    • SHA256

      5b936c0ac0903e80a0a9cc1ec802d041143823948df6181574e8752aac262691

    • SHA512

      0ca461bcc6bb38edaa05f24c5a1a9809af25404bace67620ed014c6c260c564e1f89a43f0501cc31d02ab5d341654bc37782c507c1ce3e6c7caf36561d1e10bd

    • SSDEEP

      49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82SnMC:NAB6

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks