General

  • Target

    822e06f78f3f0c9ca37b1bb7dd1791c0_JaffaCakes118

  • Size

    372KB

  • Sample

    241031-hx3t4svjfk

  • MD5

    822e06f78f3f0c9ca37b1bb7dd1791c0

  • SHA1

    b6fa534ee9a65801220550d75a9a595a04c8b808

  • SHA256

    ed5d466ed536d790d485c796222988318b81dac2f0b31fe847836d99dc0fa8e5

  • SHA512

    cd2fe76fab9a4dda051f2541fcea780654616993e7b3cb00f2dfef50d16a87d2202fe2c4999f40025146bf803fd76f1020fdec9789b803389073de3c0fb8b1cf

  • SSDEEP

    6144:lvI8oK0zat8GzwzkIXfYnPY9lrhdMwPT318Tba5DoK0zat8GzwzkIXfYnPYHgd:lQJK0qjIQnAYwPzS3QkK0qjIQnAAd

Targets

    • Drops file in Drivers directory

    • Sets service image path in registry

    • Modifies system executable filetype association

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15