General

  • Target

    8147c7099643d77c358cf75a3a63dfc5_JaffaCakes118

  • Size

    672KB

  • Sample

    241031-c8l3vawpfy

  • MD5

    8147c7099643d77c358cf75a3a63dfc5

  • SHA1

    3926b6f0272bc12ce843b5d4c0d805a05c8e7c67

  • SHA256

    e7eca2bf91830d3461001744032be10b2d3cf730518e5b843cf673a4727a67c9

  • SHA512

    693572243d1c6df5ddc537fea2b4bae947c95c7ed35d855e1167a8573c0142efef4e6ab55178844ba144520d75c250544c2b719bd1b8aa88ba0be7c6b071cada

  • SSDEEP

    12288:5ndySpiT3Qi9HCv/QPd/tVR8OputzjF3Z4mxxDm6FSDZWcAIc+cD:R4gOAi9iHWkOYtjQmXDpEDRAY8

Targets

    • Target

      8147c7099643d77c358cf75a3a63dfc5_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
