General

  • Target

    JaffaCakes118_6460874437648338ef8ae304828bce14

  • Size

    692KB

  • Sample

    250115-26k57szrck

  • MD5

    6460874437648338ef8ae304828bce14

  • SHA1

    d3b1af6230acfa2d2140839934ab4e7f332b947d

  • SHA256

    4ea565330c5de4c75fead9bd1ea3ceff512d894b8a60f518af0ccf8863788a39

  • SHA512

    48dd5995c9b41c628b71429abd266a45813253af7065bf70a5011c03de9febbe8a3662cee1cb101192fec3e51f10838f83649d3d64b68beade69d12e15516d9f

  • SSDEEP

    12288:L6U+05dJIb4JWmQPHN7X4o0+03gfj7WOaq6oKMKRq32O5Qirkx9iGHQLtY9:60lIb4JWmQPt74T+0wfj7wq6oXKR9Oqx

Malware Config

Targets

    • Target

      JaffaCakes118_6460874437648338ef8ae304828bce14

    • Size

      692KB

    • MD5

      6460874437648338ef8ae304828bce14

    • SHA1

      d3b1af6230acfa2d2140839934ab4e7f332b947d

    • SHA256

      4ea565330c5de4c75fead9bd1ea3ceff512d894b8a60f518af0ccf8863788a39

    • SHA512

      48dd5995c9b41c628b71429abd266a45813253af7065bf70a5011c03de9febbe8a3662cee1cb101192fec3e51f10838f83649d3d64b68beade69d12e15516d9f

    • SSDEEP

      12288:L6U+05dJIb4JWmQPHN7X4o0+03gfj7WOaq6oKMKRq32O5Qirkx9iGHQLtY9:60lIb4JWmQPt74T+0wfj7wq6oXKR9Oqx

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

MITRE ATT&CK Enterprise v15

Tasks