General

  • Target

    JaffaCakes118_40ba2dc5c50c7a93a4823c6e2008d6c2

  • Size

    68KB

  • Sample

    250127-say8hstmg1

  • MD5

    40ba2dc5c50c7a93a4823c6e2008d6c2

  • SHA1

    b6289293d1f017a5b6d46eed9117841d63b33e12

  • SHA256

    22df9e4ee82dd1e766b8dd4ddb52962c1f6137a3a5b5f3c7b00548e12d5f7227

  • SHA512

    e4e3a78f6e5943d7fd166294ad1b93ed6d45648176cdd0e56f584bcb02f332cf8ac394711a4b373e77bb7332c87a1017ecd9e486e09cd8b90c68103c93e9ef48

  • SSDEEP

    1536:fW1ZIZqI9opm6AIHIjzmULNzd59BHmkG/w0pw48:mxI9oYhIqqUNd591mkk7w

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.
