General

  • Target

    7ff5d683c57321254522e666812a7263_JaffaCakes118

  • Size

    40KB

  • Sample

    241030-t3cewsxdnh

  • MD5

    7ff5d683c57321254522e666812a7263

  • SHA1

    ca12cd5afc0edb363b285dc114b716a5a0cc2138

  • SHA256

    e6bd8e62589de8b7260f0bd14f65d9d8c09856b21ef9bce091f5cfde40f33ac8

  • SHA512

    d321cb7b811802335045a1a644ca804e38181e17d524bfa90f15ba4aed27a78f98eeea7ccbf8fac0b41c166dcce3ce4a8491d9947df4b7057aa4dd2342e23a61

  • SSDEEP

    384:LkRwSpE+kp96qtZyB+RNngqPBKjBDWzbHf5d44oxvoc9UFjgiAQkmZrOtU:Y9pE+kpwqPyERNhBk6zlqFofbBf5O6

Targets

    • Target

      7ff5d683c57321254522e666812a7263_JaffaCakes118

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15