General

  • Target

    8a903fdc2c88d4b47405519f174877cd_JaffaCakes118

  • Size

    444KB

  • Sample

    241103-kjxr2ssngr

  • MD5

    8a903fdc2c88d4b47405519f174877cd

  • SHA1

    e9d2e4265d7c9623cb5b5c309cac128eaac78297

  • SHA256

    585096007cf202b245bd6b1e891142e4d2603addbd09e23b2fec98487ccd7fcd

  • SHA512

    75f558c37595039c36920c1b35a5581bfea3a55553680d1a8b79449405b33edf06a4a522465de6baa982c24045712c1744cfbc057ea86ba811452cc647190ea3

  • SSDEEP

    12288:wutrzh9xOXk7GMHOJxl/0z+uoqzBTQGtem:wutr5OUStD/0zpJ7

Targets

    • Target

      8a903fdc2c88d4b47405519f174877cd_JaffaCakes118

    • Creates new service(s)

    • Sets file to hidden

      Modifies file attributes to stop it showing in Explorer etc.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
