General

  • Target

    87855eb792a45acbe0cd908a6a8cf758_JaffaCakes118

  • Size

    111KB

  • Sample

    240810-y26dsswekq

  • MD5

    87855eb792a45acbe0cd908a6a8cf758

  • SHA1

    8fa585cb877cebf59baf4e16fb903cbdd5d5a70b

  • SHA256

    4ce43813febd48db3aa24a28a95585d5c233723ad37d519a6be39ef9f1013e49

  • SHA512

    4a6441f1e18b0c4815015dc83f5477aee77139a9404b41f9eb46f4c09147bd058e16a52c3c7fe69eb58535bc48a51d96b5ea3a1ecf692aeb86a12a7ee5dc0197

  • SSDEEP

    1536:1rSqcUYYE0xkAfe62C4gJaYlBBNLXE2CbdFFVlsXrDCHC33nu3ZtQO:iUYYpxkien3gpBBN70bdFFkfCi338

Malware Config

Targets

    • Possible privilege escalation attempt

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Deletes itself

    • Loads dropped DLL

    • Modifies file permissions

    • File and Directory Permissions Modification: Windows File and Directory Permissions Modification

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks