General

  • Target

    7f1d35025652c22b4d7a2b559b80383b_JaffaCakes118

  • Size

    244KB

  • Sample

    241030-n4vpzatraq

  • MD5

    7f1d35025652c22b4d7a2b559b80383b

  • SHA1

    c1d2317376d9808bf3d79f479ac4e7d9a5a14ac0

  • SHA256

    e386dc700e326b08c1a51774e08fc210eff31788a1d081b66643d3f0476c0189

  • SHA512

    8ce623ae5c07c56e8b9c1d56a2184d07ef46161346edc7c729f22a7392b04d742e18c8838c2be3991483a8935b5503f68d62730f12e4f2fe5daaa82e38835083

  • SSDEEP

    6144:gLPGV/wROCiaSltwmr1P0KmwHn8LxtH7vjOaYDovbk:DV/wROCiaSltwOP0KL8Lxtbj0Do

Malware Config

Targets

    • Server Software Component: Terminal Services DLL

    • Executes dropped EXE

    • Impair Defenses: Safe Mode Boot

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plug-ins for Internet Explorer.

    • Drops file in System32 directory
