General

  • Target

    81088f98b39ad7984fc0001e6ebc4f48_JaffaCakes118

  • Size

    1.0MB

  • Sample

    241031-bzag1sweqh

  • MD5

    81088f98b39ad7984fc0001e6ebc4f48

  • SHA1

    dfcb1043a8738613207a6402d2df31e2409eef84

  • SHA256

    73d8e6c59d05e2ee7150181d62e023dbe44e9ef4a4dbb40a318a9c4dbedfdcbe

  • SHA512

    e194e7b61edba62b82c65d5c285c4985d4c5398c3e8dcaac64352a8b3753a81b7e1b5e48be966a956e454d78dc138ead4632c74e94373acd7932e433bbdbb623

  • SSDEEP

    24576:JFE//Tct4bOsvGkhFZVBXV8h3E8ggS29j/v4BMdjoYnviD:LSVN7ZVH23EKtj/wuKUvc

Targets

    • Target

      81088f98b39ad7984fc0001e6ebc4f48_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofence check so the sample only runs in (or avoids) certain regions.

    • Executes dropped EXE

    • Loads dropped DLL

    • AutoIT Executable

      An AutoIt script compiled into a PE executable.

    • UPX packed file

      The executable is packed with UPX, or with a modified build of the open-source UPX packer.
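
The two static signatures above (UPX packing, compiled AutoIt) can be reproduced on the sample without running it. The following is an added example, not the sandbox's own detection code: it parses the PE section table with the standard library only, flags the section names UPX leaves behind and the `UPX!` header string, and scans for the `AU3!EA06` marker that AutoIt3 embeds in compiled scripts. The `SAMPLE` and `CLEAN` blobs are constructed minimal PE images built inline for the demonstration, not the real 81088f98... file; the SHA256 in the result is there so you can compare against the report's hash when you point it at the actual sample. Note the caveat: modified UPX builds frequently rename sections and strip the `UPX!` string, so a negative result here does not rule out packing.

```python
"""Static triage of a PE for the UPX and compiled-AutoIt indicators listed in the
report. Added example code, not from the sandbox vendor. Only the standard
library is used so it runs offline on any Python 3.9+."""
import hashlib
import struct

UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}  # default section names written by UPX
UPX_MARKER = b"UPX!"  # header string stock UPX leaves in the packed image
AUTOIT_MARKER = b"AU3!EA06"  # marker embedded by AutoIt3 in compiled scripts


def pe_section_names(data: bytes) -> list[str]:
    """Return the section names of a PE image, or [] if the data is not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    # IMAGE_FILE_HEADER follows the 4-byte signature:
    # Machine(2) NumberOfSections(2) TimeDateStamp(4) PointerToSymbolTable(4)
    # NumberOfSymbols(4) SizeOfOptionalHeader(2) Characteristics(2)
    (num_sections,) = struct.unpack_from("<H", data, e_lfanew + 6)
    (opt_size,) = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size  # section table sits after the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40  # IMAGE_SECTION_HEADER is 40 bytes, name is the first 8
        if off + 40 > len(data):
            break
        names.append(data[off:off + 8].rstrip(b"\0").decode("ascii", "replace"))
    return names


def is_upx_packed(data: bytes) -> bool:
    """True if stock UPX section names or the UPX! header string are present."""
    if any(name in UPX_SECTION_NAMES for name in pe_section_names(data)):
        return True
    return UPX_MARKER in data


def is_autoit_compiled(data: bytes) -> bool:
    """True if the compiled-AutoIt script marker appears anywhere in the file."""
    return AUTOIT_MARKER in data


def triage(data: bytes) -> dict:
    """Collect the indicators the report lists, plus SHA256 for cross-checking."""
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "sections": pe_section_names(data),
        "upx_packed": is_upx_packed(data),
        "autoit_compiled": is_autoit_compiled(data),
    }


def build_sample(section_names: list[bytes], payload: bytes = b"") -> bytes:
    """Constructed test input: a minimal, non-runnable PE image with the given
    section names and a trailing payload. Not a real malware sample."""
    e_lfanew = 0x40
    dos_header = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    # Machine=i386, NumberOfSections, three zeroed fields, SizeOfOptionalHeader=0, flags
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0, 0x102)
    sections = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos_header + b"PE\0\0" + coff + sections + payload


# Constructed inputs: one that looks UPX-packed and carries the AutoIt marker,
# and one ordinary-looking image without either indicator.
SAMPLE = build_sample([b"UPX0", b"UPX1", b".rsrc"],
                      payload=b"\0" * 16 + AUTOIT_MARKER + b"\0" * 16)
CLEAN = build_sample([b".text", b".data"], payload=b"\0" * 32)

if __name__ == "__main__":
    for label, blob in (("packed+autoit", SAMPLE), ("clean", CLEAN)):
        print(label, triage(blob))
```

To use it on the real sample, read the file into `data` and call `triage(data)`; the `sha256` field should equal the value listed under General before you trust the rest of the output.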
