General

  • Target

    a71c8d0f3b76d7faa8d12aea50a0a5db_JaffaCakes118

  • Size

    358KB

  • Sample

    240818-sedglsygpa

  • MD5

    a71c8d0f3b76d7faa8d12aea50a0a5db

  • SHA1

    452a0c7f6b9da9fb6243ae7e5be8bd993d2a8018

  • SHA256

    5e61ee83b201f01a5c15acc97b2d3402f769c9d0d65df19e562acd2f74ba3711

  • SHA512

    0fa1fa40939c0f66378205501ed7977f95a67bdc69d76cf4052e09acbd24a85048ff7e9b6a27467b92949121f5ddb9c9a89c0251d278a66a4294360c28f8c3e6

  • SSDEEP

    6144:xDnzwMPKotBRuFq/4Y0OQ6iQHWSRpjvpyoWlRlDqDjl4AFyO7QB79VulTweZZ0:aEPBR5/4r6ifSRPFWlRl2t4AyiQpA8eU

Targets

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
