General

  • Target

    e60fead2b3fa5eb5f4fa83af01f5a942_JaffaCakes118

  • Size

    322KB

  • Sample

    240917-fat8cavekd

  • MD5

    e60fead2b3fa5eb5f4fa83af01f5a942

  • SHA1

    d4acf3232c5e8762a04bfe58b4faae19c40bb76c

  • SHA256

    ce74cab8c24b53f6eb679898ffd075a92ec8d138da3cb67cf7634f7cbf2a0513

  • SHA512

    290a1cda72c26853dc82555e6249bd6a7bfc5e4b04058e82e206ed0d37b57f0db09e10cd607e2b8b999d3a412c4980ac2cd264353865b9402e84042d666d7daa

  • SSDEEP

    6144:fX5GHKqSccAXTIzUzWvxv7vV+G7zPoAz0Q54HeyJAud+V3Oj:fJGHKDccAX0AWvxzvV+zAz03HFB

Targets

    • Target

      e60fead2b3fa5eb5f4fa83af01f5a942_JaffaCakes118

    • Imminent RAT

      Remote-access trojan based on Imminent Monitor remote admin software.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops desktop.ini file(s)
