General

  • Target

    8193921c017358677073e954745e86ed_JaffaCakes118

  • Size

    224KB

  • Sample

    241031-eshftszclb

  • MD5

    8193921c017358677073e954745e86ed

  • SHA1

    9ab8e86034475a0bde55729fd2bbff0796baf695

  • SHA256

    9f9bbe3b5733adff8b9c349407580800e767cd01eb71dbbe2f7df78c87f8dca2

  • SHA512

    974df8c61a371d615352949438ec870dc1ec82701eae976843122091bca1751e8fbd1d9be105e1c30e560e3df4f693c4ddb4f11477d95ec1f57b9ac01bfb4152

  • SSDEEP

    3072:k4JwsSux9D3OaiGY0VdV6dUPuD0VKir9QzFL6aqEYDKEuj/Rr0kAx:k4n3OBWvV6KPPUw+6aqEYGE8RokG

Malware Config

Targets

    • Target

      8193921c017358677073e954745e86ed_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

MITRE ATT&CK Enterprise v15

Tasks