General

  • Target: 8e2ae2f56b0c8f20ff2a6d6d70fd1816_JaffaCakes118
  • Size: 768KB
  • Sample: 241104-ac7nkaxlft
  • MD5: 8e2ae2f56b0c8f20ff2a6d6d70fd1816
  • SHA1: 00c4a5dc0242c54095e9d10640da4b860749bf25
  • SHA256: f729fe9c1e04f6b155009d6d2e2336d9aa2ed031f60e21914450ebe77d8e74a0
  • SHA512: 9f6054fa18e63696b713d67e9c1112666ba110821d60512e0a269aed1ca25b481e5bea3ce378f562a0fa8aaf2f21c1619ca9bd2039a74098a9b531bfe6388bf9
  • SSDEEP: 12288:A7g7VDBVIm+qFv55Gui4pWL8acC0BFCw0ctShQ:AMhDBVjTBsT8RBsw9tOQ

Targets

    • Adds policy Run key to start application
    • Checks BIOS information in registry
      BIOS information is often read in order to detect sandboxing environments.
    • Deletes itself
    • Executes dropped EXE
    • Loads dropped DLL
    • Checks installed software on the system
      Looks up Uninstall key entries in the registry to enumerate software on the system.
    • Checks whether UAC is enabled
    • Drops file in System32 directory
    • UPX packed file
      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15