General

  • Target

    8207df907b3b5e72b053cdd276276101_JaffaCakes118

  • Size

    22KB

  • Sample

    241031-g9a47asdne

  • MD5

    8207df907b3b5e72b053cdd276276101

  • SHA1

    1abc67c862c421157b36c39ce71ac2b798540f33

  • SHA256

    ac0de7377caabd31db9fb0feaded48a0526a9efca12076a9f17e42ba4508a81a

  • SHA512

    83ceed6704b62ab7a2203146ad9169a93f667d91a134f043f185c55f7dfa02ee2c1dc429cff8c69840d0ce04a1956539211ce3d459f5a743e738ad8fca5a1d53

  • SSDEEP

    384:WrBsV6vQJ5UIvZAQkib2fvYignHF8SCIKpoAIgdMj3b5LvKbSkVMd6HDJ:OBNoJ5TBwYignHF8hIEoBf3VybSkVMdE

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
