General

  • Target: c0735fe36c0652135f1f3251bdaf9a72_JaffaCakes118

  • Size: 4.4MB

  • Sample: 240825-lj1z5sygjj

  • MD5: c0735fe36c0652135f1f3251bdaf9a72

  • SHA1: aab7a21556bbdbc83e89a811593fc8a58e71805f

  • SHA256: 0ff735b003b3ffb02a8b5fe84a3ac58131b2337ccf6f2ee3b5786eb5284014e9

  • SHA512: bb46ff47f9bb513cae99fdad6e59ecf640e8362e78f3ddeaa82d33492c3814d4785a9ae99346b66fb26ec374e496e9d6a4adec54460e1717ecb9b3ed9ba95338

  • SSDEEP: 98304:kSBoJkaqx3WFchLZrg9Sdr4kZ66xxaowp5IkDXAkNNzdmDQ8fH2iGYZ9SuPE:V+Jxqx3wcNZMWL0DpnQUoDZXpPE

Malware Config

Targets

    • Target

      c0735fe36c0652135f1f3251bdaf9a72_JaffaCakes118


    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • AutoIT Executable

      AutoIT scripts compiled to PE executables.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks