General

  • Target

    JaffaCakes118_cf73b3f5873fe062873eb8210b648eb8

  • Size

    773KB

  • Sample

    250119-w3a8yazrel

  • MD5

    cf73b3f5873fe062873eb8210b648eb8

  • SHA1

    1b6f682f5fafbdcc0264f06b5f0544b5a94faee0

  • SHA256

    6837ce30b11a24c07541fbc1ff597631b0112321da7c1fb6977bcc711654dfee

  • SHA512

    17fd62f4855b3d149a335411a1c51a15286f089f38323a317e7feacdf29fbe1957c62ea3d4c11e8c1ef9c9975035945b5b7a0cc5aedc104e8a1bf8bc38b73104

  • SSDEEP

    12288:chA+ChiVpkzpt/yhim8teZx/CeHc93IvvMeRHj/G5tfCOjBREfCIxf1SJZQPpm4b:gC22pQD8twa93I3RK4Q6zxt0ZQxm4b

Targets

    • Target

      JaffaCakes118_cf73b3f5873fe062873eb8210b648eb8

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
