General

  • Target

    eb5b151df085704648435c745b8f0fc5_JaffaCakes118

  • Size

    355KB

  • Sample

    240919-pw2zrazaqr

  • MD5

    eb5b151df085704648435c745b8f0fc5

  • SHA1

    21352d3bf7234f5bec6afb58e99f642a9e35c5cc

  • SHA256

    db53f0d7876e7cf4e6843711fd282832ce7987d37a993ef6aa77a709e91d1605

  • SHA512

    0b68bc9bdf9066f53274724e1600927fe0b1cc9c00b4542e5f1a737989551af4f9faf6235cc49ad0d9e048f273bbedd8f7a43e29ba999362752d94fa02873d08

  • SSDEEP

    6144:HWwMPKotB9uFq/4X0OQ6iQHWSRpjvpyoWlRlDqDjl4AFyO7QB79VulTweZQx:bEPB95/4g6ifSRPFWlRl2t4AyiQpA8ei

Malware Config

Targets

    • Target

      eb5b151df085704648435c745b8f0fc5_JaffaCakes118

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
