General

  • Target

    JaffaCakes118_40d72ff370876293c0b20524be2fff41

  • Size

    35KB

  • Sample

    250127-sjlnsatqhy

  • MD5

    40d72ff370876293c0b20524be2fff41

  • SHA1

    9c408c35fd4a049c22b4f567d3827ce254529889

  • SHA256

    e2d85a1e50931878dd1d8ed8ab1fa07198990fc28d2f28ac3ddb026e3616e338

  • SHA512

    5dea79023d17c24527b9969f44c314923a2bfbb5fd29d09ee1121b1c7d5eab2e54d38b75cc8d5fa9b7611640355f71afe21e06de483f395edab1693803f8fea2

  • SSDEEP

    384:o3Zw8bvxKPNgGpmQuSm2pP+GOuqs/SrYo1gIw+NTO36UyKq3f8s7hkDHaFmsPlvx:2Zw8bkgG8Q1mSP+Ve/o1Vwzlqa2Blvx

Malware Config

Targets

    • Server Software Component: Terminal Services DLL

    • Deletes itself

    • Loads dropped DLL

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks