General

  • Target

    a45719f49486fd1210c14ec7a0f4895c_JaffaCakes118

  • Size

    295KB

  • Sample

    240817-13qe3ssfmk

  • MD5

    a45719f49486fd1210c14ec7a0f4895c

  • SHA1

    a497679cea5258a0c37bac6b50e28437f05e77d5

  • SHA256

    6f3df25b360d0ee9a99b03f57c0ce3e268de46b5e42275e5b5143184aebc3682

  • SHA512

    b740ce26e32dd1e7b10646506435475e8bf6bdf9de337316c0a3ff1cf41c13afbab1369f7287e9eeb28d7dedc455c2ec1e59e3d0df4713de179e419838ce0a49

  • SSDEEP

    6144:Kc0Zba/easnfffIdk2IMhl3GE79GgVdHzDF/VMsdFXSdcEXNN5enFg:KccyeaswdDr3GExGqjJ/05eFg

Targets

    • Target

      a45719f49486fd1210c14ec7a0f4895c_JaffaCakes118

    • njRAT/Bladabindi

      Widely used RAT written in .NET.

    • Modifies Windows Firewall

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
