General

  • Target

    81fdff4f1ee88cec541c03188cf40158_JaffaCakes118

  • Size

    260KB

  • Sample

    241031-g4hbbazqg1

  • MD5

    81fdff4f1ee88cec541c03188cf40158

  • SHA1

    6d49b08bc8d0aacbc2233a2802d79f7499d8701f

  • SHA256

    e18a2de0eca0db6644ed1fed126c8ede8e4807250d54131e2766df9859fafb0a

  • SHA512

    12fe5dfd1a62207a5da423ed0c81029c89415220b284aa11bc8ac87b0e88ac7b7e9aae362c2646d0428770c996556153ed4c501553137b24d463619c043e8e8b

  • SSDEEP

    3072:ZYUb5QoJ4g+Ri+Zj6Iz1ZdW4SrO7FSVp1w:ZY7xh6SZI4z7FSVp2

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15