General

  • Target

    JaffaCakes118_62a7d34d9105bc725d4719ca6cb0552f

  • Size

    758KB

  • Sample

    250115-1j6mysxldm

  • MD5

    62a7d34d9105bc725d4719ca6cb0552f

  • SHA1

    4d76162c5737421e93e3f0e199c6ece071906b25

  • SHA256

    05123da2e180bd484665ad3f3819ec81c9de295d6673634ae9bed6ae31949fd2

  • SHA512

    b0fcecb472c54f6a7ea41a4188c088f95395ca79857f160fef793bed8c23b59ceeb12a3dfd6bf9dfe8345568e89222b29c5ef22164b90ad2991392d44dd13e23

  • SSDEEP

    12288:GmOkP2jJYfCsKJiBpwZvPO2QL9WA/Tdboap4v32bhCVuuJG24shaD8p8GNvN21Hl:GHu2Sw3ZnQhWq17CO24sh3p8GlN+/5aE

Targets

    • Target

      JaffaCakes118_62a7d34d9105bc725d4719ca6cb0552f

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
