General

  • Target

    JaffaCakes118_5d736a9f87087cb3eb5cd0001011a448

  • Size

    772KB

  • Sample

    250115-v1bk9a1lbj

  • MD5

    5d736a9f87087cb3eb5cd0001011a448

  • SHA1

    1d53c638d5bd48db8ba8e37d29c396e5d8b420ef

  • SHA256

    082541416472b2e66111ac1db5cc55b564dcb32e2c4c1a7bfb3b5b4ffc759be4

  • SHA512

    4d70f0f6e3583a9c5961e23f51b5dc13aba20cb3907d30503617f7dea3582fb3c2b12c01dd77e38eb78f3c0bad7a3ac6241ccef207d9fd1e5988582aa81d1619

  • SSDEEP

    12288:CyUwB2ATq+SudkgLIU5a7F/juPPrd3yYAT0Vtc7DcoEGKi9xcfFTX1V8dpOK:C9H+PdNsU5a78PPr0YAceQxpAwXkdpR

Targets

    • Target

      JaffaCakes118_5d736a9f87087cb3eb5cd0001011a448

    • Size

      772KB

    • MD5

      5d736a9f87087cb3eb5cd0001011a448

    • SHA1

      1d53c638d5bd48db8ba8e37d29c396e5d8b420ef

    • SHA256

      082541416472b2e66111ac1db5cc55b564dcb32e2c4c1a7bfb3b5b4ffc759be4

    • SHA512

      4d70f0f6e3583a9c5961e23f51b5dc13aba20cb3907d30503617f7dea3582fb3c2b12c01dd77e38eb78f3c0bad7a3ac6241ccef207d9fd1e5988582aa81d1619

    • SSDEEP

      12288:CyUwB2ATq+SudkgLIU5a7F/juPPrd3yYAT0Vtc7DcoEGKi9xcfFTX1V8dpOK:C9H+PdNsU5a78PPr0YAceQxpAwXkdpR

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions (saved connection profiles, which can include credentials).

    • Adds Run key to start application

      Registers itself under a Run key so it is started again at logon (registry-based persistence).

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate the software installed on the system.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX build.
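The following is an added example, not code from the report or from the sandbox that produced it. It shows how to confirm offline that a file on hand is the sample described above (the MD5/SHA1/SHA256 values are copied from the report) and how the "UPX packed file" signature can be reproduced statically: UPX names its sections UPX0/UPX1 (sometimes UPX2) and writes a "UPX!" marker into the packer header. Both indicators are assumptions about stock UPX; a modified UPX build may rename the sections or strip the marker, so their absence is not proof the file is unpacked. The PE header parser below is hand-written against the standard PE layout rather than using pefile, so it runs with only the standard library, and build_minimal_pe() produces a constructed header used purely as test input.

```python
import hashlib
import struct

# Hashes listed in the report for this sample (copied from the page above).
REPORT_HASHES = {
    "md5": "5d736a9f87087cb3eb5cd0001011a448",
    "sha1": "1d53c638d5bd48db8ba8e37d29c396e5d8b420ef",
    "sha256": "082541416472b2e66111ac1db5cc55b564dcb32e2c4c1a7bfb3b5b4ffc759be4",
}

# Section names written by stock UPX (assumption: modified builds may rename them).
UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}


def file_hashes(data: bytes) -> dict:
    """Compute the same digest set the report lists (ssdeep needs a third-party lib and is omitted)."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def check_against_report(data: bytes, expected: dict = REPORT_HASHES) -> dict:
    """Return, per algorithm, whether the file's digest matches the report's value."""
    got = file_hashes(data)
    return {name: got[name] == value for name, value in expected.items()}


def pe_section_names(data: bytes) -> list:
    """Return the section names of a PE image, or [] if the data is not a parseable PE.

    Layout used: e_lfanew at 0x3C, "PE\\0\\0" signature, NumberOfSections at +6,
    SizeOfOptionalHeader at +20, section table at +24+SizeOfOptionalHeader,
    one 40-byte section header per section with an 8-byte name field first.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    size_opt = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + size_opt
    names = []
    for i in range(num_sections):
        off = table + i * 40
        if off + 40 > len(data):
            break  # truncated section table: stop rather than read past the buffer
        names.append(data[off:off + 8].rstrip(b"\0").decode("latin-1"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    """Static UPX heuristic: UPX-named sections or the "UPX!" header marker."""
    by_section = any(name in UPX_SECTION_NAMES for name in pe_section_names(data))
    by_marker = b"UPX!" in data
    return by_section or by_marker


def build_minimal_pe(section_names) -> bytes:
    """Constructed test input: a bare PE32 header with the given section names and no code."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    size_opt = 0xE0  # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x014C, len(section_names), 0, 0, 0, size_opt, 0x0102)
    opt = b"\0" * size_opt
    sections = b"".join(n.encode().ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return dos + b"PE\0\0" + coff + opt + sections


if __name__ == "__main__":
    import sys
    path = sys.argv[1] if len(sys.argv) > 1 else None
    blob = open(path, "rb").read() if path else build_minimal_pe(["UPX0", "UPX1", ".rsrc"])
    print("hash matches report:", check_against_report(blob))
    print("sections:", pe_section_names(blob))
    print("looks UPX packed:", looks_upx_packed(blob))
```

Run it with the sample's path as the only argument; with no argument it runs on the constructed header. A True from looks_upx_packed() agrees with the report's signature, but treat a False as inconclusive and check entropy or unpack with `upx -d` before concluding the binary is not packed.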

MITRE ATT&CK Enterprise v15
