General

  • Target

    88b328a1ccd518514da2fe88c61bfee2_JaffaCakes118

  • Size

    364KB

  • Sample

    240811-dbl71s1gpp

  • MD5

    88b328a1ccd518514da2fe88c61bfee2

  • SHA1

    594b94463da34d5b23068a0c37197989728a243a

  • SHA256

    0fd0899e365646ef59c5971addf8666f066015bfe400d7977291ebb145f9937e

  • SHA512

    cc16ea812fa3deac3418e1c48a6eef398f609958178ccc85152a91f90d48796f9aef0c7c32a6350fab96fee742f97d47dc29347296fd126d921ed8bb16ba1d08

  • SSDEEP

    6144:Xn8ukcbLviSGqJjW8lE0crUTMX+82IXpW0vH66RVas3Gmxq2/2eW/ZDUp/fIIbGi:Xn8HcbL6Sdvu0YUTk1ZW0vH66vW92/Cu

Targets

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15