General

  • Target

    442dba2b32d53c7a56a8f6df1e11974b_JaffaCakes118

  • Size

    51KB

  • Sample

    241014-zv99vazgpn

  • MD5

    442dba2b32d53c7a56a8f6df1e11974b

  • SHA1

    9fde2fe23173d98b48b8772db1d2ff7d86cff529

  • SHA256

    72998d6193d3f6d908a5b00894a3141cb711a3558e175f6da52bf3351045e361

  • SHA512

    b6d5a943a59e0f058cad7e6de91410cf409b3b40c4ae529006efeba4c5d8066c9b18a0ef57f4e3dc6da53f8dcb0db05fc499e907b99fc98f7aad38fbc5763faa

  • SSDEEP

    768:jpkX5mWC9hUHd2hUH/2hUHDhUHohUHC2hUHzdMT+QHlU/eBadtECZvMPmJK37hnR:9Gb95f5+Ti5TdOKpjMsZ/ZBpK1

Targets

    • Target

      442dba2b32d53c7a56a8f6df1e11974b_JaffaCakes118

    • Deletes itself

    • Reads process memory

      Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
