General

  • Target

    ac7558c0206464e1906660214b7cec90_JaffaCakes118

  • Size

    77KB

  • Sample

    240819-y76xhstgna

  • MD5

    ac7558c0206464e1906660214b7cec90

  • SHA1

    950ef5624113af1950e44d7d3bf27aa9bf145ac9

  • SHA256

    cbbbc306cccd22e4e54eaa3c419862473858ed2026793301ae6fb95a9f2d580f

  • SHA512

    baa5d1f3fd0010034db6fe43d1db7e0b7c988bb7caa48bc3689cc1ad98e0a81fe70194d98e8110e5fe8867f2b3b55ebe9862485095b3b2b3390e787a2edecefe

  • SSDEEP

    1536:U4yRbnrdKOyyyQKv5nz2KGqdmz4hylU6T6FmENQn:U16OpyQK5nBGlshylU6T6AEen

Targets

    • Target

      ac7558c0206464e1906660214b7cec90_JaffaCakes118

    • Adds policy Run key to start application

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Modifies WinLogon
