General

  • Target

    81d2043a0a1756f69e36f43320a279b1_JaffaCakes118

  • Size

    20KB

  • Sample

    241031-gbrpaazkby

  • MD5

    81d2043a0a1756f69e36f43320a279b1

  • SHA1

    450b710e004f6ce1035b64cd2abe5e5c855a95bc

  • SHA256

    a654fd3adb953e94e3b15738050cc2445aecbab93b7e97547fd0d54dc45d9263

  • SHA512

    ad06e9c32fee3a0fbb43472b6b186e13c7a0bd22dc35189981c60d1912b3a63d037d419b20c71dcb3d61f74316a819354f4fe2a797c006361d228a50e85b84eb

  • SSDEEP

    384:bPg2wRep0gfcXdDUWwv64yrBd+8OdMIVlKvMWZm3XiFc3bxsM:qYp0cOdDUWRvG801iFcaM

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks