General

  • Target

    JaffaCakes118_40c1b72d1da1e52e651e80bd382e3cf8

  • Size

    14KB

  • Sample

    250127-sczxtsvken

  • MD5

    40c1b72d1da1e52e651e80bd382e3cf8

  • SHA1

    7a39edf6c5e9ab07e34d9dbc880d658e2e8f69f4

  • SHA256

    ed591ae5dd97c621e97dd22e591f55d99890f662513b429d45e9facec430965d

  • SHA512

    99d90657b7a9e2af03c58ab18d6fd21c4854d8e600e2aa6e387a88d907ce58479f5137a505df5c7592bb6b0f39243059ed91adaa514ef5ba70b55c113fe178ec

  • SSDEEP

    192:UKolLDIGpeXSjvnS8KcTmhiXsN9R+aVexqpvoGTUISWIOoMjqujMzk7kOpE/tw:U3VZgXSjvS8FTbsNySV9zTBroe2kIJt

Targets

    • Target

      JaffaCakes118_40c1b72d1da1e52e651e80bd382e3cf8

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory
