General

  • Target

    45d63e52af17046626591f038378c47a_JaffaCakes118

  • Size

    116KB

  • Sample

    241015-e3g8tayfjp

  • MD5

    45d63e52af17046626591f038378c47a

  • SHA1

    3bf27ccc2a69f2084ff479093d459045b01592cc

  • SHA256

    c1a9b807d442f749cec1b9257c6e598e2cdac0c5237189e3452ddfd84a75eb7b

  • SHA512

    ba1da6e4ecbd4459c375406a43d8dcb3ad1f9b956a31b255f9dd5b4429e5ba4d76b2c5ad78c7b6236f40271862abd1f6104a408be6d241b79d382ea1ccc36d35

  • SSDEEP

    1536:1GXuJIDBeZjhtFgGjtXDTto2D9uCLBCPr8/NL44PerViI8kIi/p0:weJyeZj/FgoTq2lr20

Malware Config

Targets

    • Target

      45d63e52af17046626591f038378c47a_JaffaCakes118

    • Size

      116KB

    • MD5

      45d63e52af17046626591f038378c47a

    • SHA1

      3bf27ccc2a69f2084ff479093d459045b01592cc

    • SHA256

      c1a9b807d442f749cec1b9257c6e598e2cdac0c5237189e3452ddfd84a75eb7b

    • SHA512

      ba1da6e4ecbd4459c375406a43d8dcb3ad1f9b956a31b255f9dd5b4429e5ba4d76b2c5ad78c7b6236f40271862abd1f6104a408be6d241b79d382ea1ccc36d35

    • SSDEEP

      1536:1GXuJIDBeZjhtFgGjtXDTto2D9uCLBCPr8/NL44PerViI8kIi/p0:weJyeZj/FgoTq2lr20

    • Modifies visiblity of hidden/system files in Explorer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks