General

  • Target

    93ea420dfc3c8a501cc7174d67e30811_JaffaCakes118

  • Size

    72KB

  • Sample

    240813-t983favdnc

  • MD5

    93ea420dfc3c8a501cc7174d67e30811

  • SHA1

    e992f390f36192f3f33ed72f8bfa63a6bea1ce12

  • SHA256

    0f1de3d728bf1bf76f1a2d6fd19d1989bb7f9c9aacf09fb36485edfb213f1e86

  • SHA512

    95389448f792a50cb4a27a964242d563253e29eb23b302538a44becab01e52c52f877cf02cb0ff4d043ce603001c1b1ee7cbba308f714806415b30bc1ba21b68

  • SSDEEP

    1536:ltWL1jM0upX5jWoXtNK8L5O/koxCsYa19s9wfz:ltQM0uF5jLX3w/k3sZmw

Targets

    • Target

      93ea420dfc3c8a501cc7174d67e30811_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of NtSetInformationThreadHideFromDebugger
