General

  • Target

    JaffaCakes118_cf5f24fdfb3d1f08919da5fabc6adfcd

  • Size

    772KB

  • Sample

    250119-w1a56azqfj

  • MD5

    cf5f24fdfb3d1f08919da5fabc6adfcd

  • SHA1

    3436c0d1e416f59e16dddcda556e5faae1621cba

  • SHA256

    be505e94333037c430b29f359750a63c8a1dbb4760748c43ec1a205398201773

  • SHA512

    ba0f1b516ed0aca1a93721a727b561bc48fcc93432c6543dc2bfc459f1765397bc90abe651cf3c9ee395d2767e93bca8a7100c3e92455c6b493a13f11cc5f348

  • SSDEEP

    12288:4ZwB2ATq+SudkgLIU5a7F/juPPrd3yYAT0Vtc7DcoEGKi9xcfFTX1V8dpOK:aH+PdNsU5a78PPr0YAceQxpAwXkdpR

Targets

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15