General

  • Target

    7fd728098517d197fb34d4d1f800ec54_JaffaCakes118

  • Size

    476KB

  • Sample

    241030-tep13svrbt

  • MD5

    7fd728098517d197fb34d4d1f800ec54

  • SHA1

    6d7d56e361d0ae3b13c342a2b8ee1ca186a61ca5

  • SHA256

    af8c61d4cb5db11ca8414cd37feec09d80181948b6f4ccb525193a3a3f252d4e

  • SHA512

    2060afbcc7a220245e5f2907f73ca0a0f509183e890be7c37ac01f9a903a7d7fdee93202f27792ce991d2c603385ea1513623419117b136a49ad75e8bd6f3f86

  • SSDEEP

    12288:5yp1z0s+B0bju9LRHfUzazUxgcpSxUm+P:k1zz+B+jul5fBMgcpo+

Malware Config

Targets

    • Target

      7fd728098517d197fb34d4d1f800ec54_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks