General

  • Target

    JaffaCakes118_5b4f59983aad7b12ceda86e2a977eb35

  • Size

    6.4MB

  • Sample

    250115-s8n57sxkdy

  • MD5

    5b4f59983aad7b12ceda86e2a977eb35

  • SHA1

    e389b7368baa4b924c3a65a9d1c4d01fe7301f5a

  • SHA256

    ae6f0b8a4b6d7d413938bfd4d0812a12923f78b21a7fac10b00322535937659b

  • SHA512

    f89178e3af58bb126257881fbeac18f18836e9fec07408b036c2d98127d2e634fae10c4e2597ad472c1239b8fd04764c96da9424d02dc36b18e67ad45d4d5a9d

  • SSDEEP

    196608:CeP+HX0EGC4f/XjoeMlKAK0+KgkIJp5iCeUzFp3UvGKqQrmj/mN:CggXK/zpmd+6IJp575zUOZImj/mN

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks