General

  • Target

    d4e79ca3302990680ffa54b74ee68fe7_JaffaCakes118

  • Size

    1.8MB

  • Sample

    240908-v9sk5a1dpg

  • MD5

    d4e79ca3302990680ffa54b74ee68fe7

  • SHA1

    10b451d72dc2c0bed365d5fb234e8178e62f0348

  • SHA256

    6b41553166b9bdc53176a4a2f7c4dfa92cdd0290674825fa9d6d73cb1205a8f3

  • SHA512

    18b1f71676e7e6479bac39fb355bc92de8bb9a041bfde9bb0e7871d09ccdf677f6a47adb0e3998ba554351b53946caebf7ca8207ae18faccf9df2c9dff933b1c

  • SSDEEP

    49152:Lz071uv4BPMkibTIA5sf6r+WVc2HhG82Sz66JBjM:NABx

Targets

    • Target

      d4e79ca3302990680ffa54b74ee68fe7_JaffaCakes118

    • xmrig

      XMRig is a high performance, open source, cross platform CPU/GPU miner.

    • XMRig Miner payload

    • Command and Scripting Interpreter: PowerShell

      Powershell Invoke Web Request.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
