General

  • Target

    80fc7464938eecb59386e65898b56e7f_JaffaCakes118

  • Size

    581KB

  • Sample

    241031-blevkswdnj

  • MD5

    80fc7464938eecb59386e65898b56e7f

  • SHA1

    6dc880153500ab7359090c2d1256d38651b85f14

  • SHA256

    eabc70968d6828deb319a3dcf934bf5ddad355b8f3f065a8e95363f554876908

  • SHA512

    cf9cec379dce3c99efa6d76270064c345376684c7c211a5bf2ea5088613dc5d296e4bb26a22a05b56c1197671be9a9781b1e5d0cd8b7f0d3842929d75448557c

  • SSDEEP

    12288:uoMDtCi7NFlZnNqZ9xGrLpZ0ZHEqtgb0U7:ufplNFgxG5eZngb0s

Malware Config

Targets

    • Target

      80fc7464938eecb59386e65898b56e7f_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks