General

  • Target

    80ef43d2262b6c9af67b54a8ac8b3f27_JaffaCakes118

  • Size

    512KB

  • Sample

    241031-bb9l7sxjdl

  • MD5

    80ef43d2262b6c9af67b54a8ac8b3f27

  • SHA1

    c4b5e558c15598218f44ffcdfe227f24be5d5012

  • SHA256

    ad76b6d8ed0c958197097ca1b47694e8c9f8bc1256257462b8f4021bc500afa3

  • SHA512

    eae0fd5bb0e495beb06d68ee4e2a5f29ae0e82aaa1d39902fdcd947b09424417da20bbb655f0e75f0e2d5b2aaf3d4b821eb243950b2235c1801fbc170d024d98

  • SSDEEP

    6144:o1gxv7yZmspH7+cclKisraX+9PwRnmISRt0/1iDn3sqHevIPD:Jg0dicC3PD


Targets


    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15
