General

  • Target

    88d0d0f3c6835adb7bffb76c03ce5658_JaffaCakes118

  • Size

    609KB

  • Sample

    240811-dysy3sxbkh

  • MD5

    88d0d0f3c6835adb7bffb76c03ce5658

  • SHA1

    53c7d88e668b7f390f1619e2e7167dbf6927ba99

  • SHA256

    421431196e59bc772ef66f510328fd35f8d699da2fd76539126403508226c0e3

  • SHA512

    636f5895772a8aea0d61d77dd9af569a7dc58fa8209dda5d9668bbf4cada98b05be226079880b8e8f3e44b3129b1498f532e493050517dff511c0a789c0de819

  • SSDEEP

    12288:KZ543M5v7Kc3ygT2lXVCllX8peI7cQitqUmyq+1pmh/:SUiL3yjXUlu0I7vitqUmyq+1pa/

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Uses Tor communications

      Malware can proxy its traffic through Tor for more anonymity.

MITRE ATT&CK Enterprise v15

Tasks