General

  • Target

    c947363b50231882723bd6b07bc291ca_JaffaCakes118

  • Size

    8.7MB

  • Sample

    240829-vzx3vssfrb

  • MD5

    c947363b50231882723bd6b07bc291ca

  • SHA1

    7b9a425f09da9be5dda5facff18c5fd15eed253a

  • SHA256

    985ffee662969825146d1b465d068ea4f5f01990d13827511415fd497cf9db86

  • SHA512

    45f511f6fe78bba853789f85549c8ac591b7812e2fc969a13148bbd1112fa356f6a1ee88a22a907e7f62ef79a0d14d75681eecd2a17f027d105afd381f161184

  • SSDEEP

    98304:vM6uc5LRC1PApsX8mygFiQS8Mi0e6oIOPxOGdG20t7Xk:vM6uc5LRCepmPEQXMir6oIOPoCM

Targets

    • Target

      c947363b50231882723bd6b07bc291ca_JaffaCakes118

    Score
    8/10
    • Adds new SSH keys

      Linux special file to hold SSH keys. The threat actor may add new keys for further remote access.

    • Deletes itself

    • Deletes log files

      Deletes log files on the system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
