General

  • Target

    b4f4149b183eae09685fa34c034c90a8_JaffaCakes118

  • Size

    100KB

  • Sample

    240821-zd27xayhma

  • MD5

    b4f4149b183eae09685fa34c034c90a8

  • SHA1

    f78316a13568ecffee2008ad1f406f3783a873ae

  • SHA256

    98a10272b7412435f2295b81995f520930f702463cce4c7b070582ec29cbc9d2

  • SHA512

    581b2cd88a44d9610b1c2284699ec1cdd56ba09b7df758bd3b3586e2effea61bbaa66368400f0210bc08d65a1fe0abe13d3a59d19dd4a4c18ac417c986b399d3

  • SSDEEP

    1536:YdtG782NTzw5RoBMGAc4ohrPXo+73Rez8b0SyuNIjnZq:3w5DurPX7CuCnY

Malware Config

Targets

    • Target

      b4f4149b183eae09685fa34c034c90a8_JaffaCakes118

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks