General

  • Target

    2aca3f75294e962c8f5efab3326e9117_JaffaCakes118

  • Size

    149KB

  • Sample

    241009-e2paqswfmp

  • MD5

    2aca3f75294e962c8f5efab3326e9117

  • SHA1

    81c045eb5f76697e786647b765d365d0262ab218

  • SHA256

    cd946f863145acbd83117ccb6ca83d5fe37207e3fa1d0751211ae5c6c0a21c04

  • SHA512

    f637604a0a76ac10a05770a79274d8e88f4c33c89beb7af83a3919471d4739020c235531f6b3c8c8039b543f71a51782d27cfcd6420f1a812c838a59ec85004e

  • SSDEEP

    1536:RXcxTLIUH22hNPzEY0nbe6i4YrJENmjIDCJDGYygwtHZRzoeJPIHYZ0gr4OOUkN0:RRUB9zEY0beD4YbUGQYqXz/PIHjMRSu

Malware Config

Targets

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks