General

  • Target

    a9f572046d71617474169468caf1a4be_JaffaCakes118

  • Size

    232KB

  • Sample

    240819-ha9n5ssdpj

  • MD5

    a9f572046d71617474169468caf1a4be

  • SHA1

    1aef9494c15eb42beee12cc9f672719cde401f6f

  • SHA256

    f7644deb9424724d8715492b4563c7de0d63f5e324265d8323b49fe1bb248d7c

  • SHA512

    ad6b2caff7de84eabffcc526f164a473071704b1505bded1eeb323ac7973a2508b6080259d179cfd67abcb26b55f50c4199b5feb3f91f34fe90467fcf02ff839

  • SSDEEP

    6144:033PFKs78g2KyEOaWEqxF6snji81RUinKdNOAI:aPh+mF+

Targets

    • Target

      a9f572046d71617474169468caf1a4be_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
