General

  • Target

    7f468626473674fffe279415f1d9c138_JaffaCakes118

  • Size

    502KB

  • Sample

    241030-p23s8svnfj

  • MD5

    7f468626473674fffe279415f1d9c138

  • SHA1

    3eb41000f08285328413ff45dea09bf7bcf9fe96

  • SHA256

    9ec57c1fc123f5034fcdf7a62aed848745526d1f71543658e2d7be23b46c9729

  • SHA512

    15f874666aa1ad62f61cf3f4766e310b7f729bce572717e2c034bab3b448311b80a6f5015ed81556f4ce35622cb97fb0c328c03042d6428d43d3368487a94991

  • SSDEEP

    12288:X5ODgVewHiUQWwbUJyaX8WxGxVxBr2Ief3ykDSZ:XIDXo7QZbUJPs/9B6xPykDSZ

Targets

    • Target

      7f468626473674fffe279415f1d9c138_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.