General

  • Target: 89753d8050a2a41c24f85dd57b0a5a72_JaffaCakes118

  • Size: 262KB

  • Sample: 240811-hy44kazekk

  • MD5: 89753d8050a2a41c24f85dd57b0a5a72

  • SHA1: 8cb52e457c31bd78c157e7305941135c0db4294f

  • SHA256: f18bd979ea4eb2d374bef76270bc02ac31955bd421b911864ded3b2ccae2fb20

  • SHA512: dc788a715ba4b0ee4cf8450c7ee1e93d3b8b7cf10bb6968c62f7cce141e3bbe63c18feae29f52e590d3b2c27fdc0fc23544de1785b0bd980c882a4742c885230

  • SSDEEP: 6144:iS8Gp+df0afmVTRMd/dpn94sLrNXel9Ab98+MA7U:F8YkfXf4TRMx94svNuzAb9ZC

Targets

    • Target: 89753d8050a2a41c24f85dd57b0a5a72_JaffaCakes118 (hashes as listed under General above)

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
