General

  • Target

    ee63a3b1daeb1feda8d2f9dbe7d85465_JaffaCakes118

  • Size

    508KB

  • Sample

    240920-zhhn3axcmm

  • MD5

    ee63a3b1daeb1feda8d2f9dbe7d85465

  • SHA1

    cebf6071ca26ef937b1ee3a99fddf0e7f687c3da

  • SHA256

    49c1288cccadf9cf68e10959ce801d57b575c326ad0b247a28cdc7de2887f972

  • SHA512

    59ef6e5a4b9f8374d6741cc5f38ca44126f3ddd7cffc291b077c5659080bdf54cb1b1627aa225eddb3ac2ad362f3b0d884a70921cbbb3419dfd49f381f8f4b73

  • SSDEEP

    12288:EYmReXDdp/3TqpB0eO1l/W9CPH5WzYZk2gCHcidvt:EYgMz7Wcu9CPBZkRC8O

Malware Config

Targets

    • Target

      ee63a3b1daeb1feda8d2f9dbe7d85465_JaffaCakes118

    • Modifies firewall policy service

    • Executes dropped EXE

    • Loads dropped DLL

    • Uses the VBS compiler for execution

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks
