General

  • Target

    eecb14b3a5a9f705a4fa18d049985baa_JaffaCakes118

  • Size

    132KB

  • Sample

    240921-bl4tpsyarh

  • MD5

    eecb14b3a5a9f705a4fa18d049985baa

  • SHA1

    1ba1279018bc4766a9bd8780f7b287e3e69706f4

  • SHA256

    5c81d03d811402c8ebfeec3478834018c53a3cd41ad477f7e04793d885eeabe2

  • SHA512

    679b0409eebe71a064c6fc800efaeb38dacc8d8c739b9f9be4e9f591282b1cb6a72d9bde10ea8ed4767af2e4bc1d65ce9d6724bac7b41b6d4692b78df483e7b6

  • SSDEEP

    3072:w3k/VPrdVfWM8RM/8KmwBErXXFefQmD8ampjIipt:f/RX8/KmwBEjXFeos8aCUiz

Targets

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
