General

  • Target

    c06b3058a2d2676c650186181eb0713f_JaffaCakes118

  • Size

    394KB

  • Sample

    240825-k8gr5awelg

  • MD5

    c06b3058a2d2676c650186181eb0713f

  • SHA1

    df3e10ac3703119628bf0e6ae7db0564b50aeb58

  • SHA256

    2cdc592505b4ffcf4967db6fd11fd22dc3582dbd613090dad9e6622aa77a6d2a

  • SHA512

    ee73e11425ccd6c1dbb8a19b962aaef79202942695d87cfc9b11c707ee330c89d62571b887fc7e09dc078d82642fbdee7bd03d8519c147b2d4caebc68049318e

  • SSDEEP

    6144:zoGXOz5dM7UKKWxMrIoauMy4uuv570kiFogsaiWpOc1ef:zwmIWxCXauyuuakiFjAc1ef

Targets

    • Target

      c06b3058a2d2676c650186181eb0713f_JaffaCakes118

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application
