General

  • Target

    JaffaCakes118_436f6ff5a6817a96e26b2e833d5225d1

  • Size

    112KB

  • Sample

    250127-zbjb1svnfm

  • MD5

    436f6ff5a6817a96e26b2e833d5225d1

  • SHA1

    f74f6742d1e93f2cc8407dd89ad253c9594d4c7e

  • SHA256

    da0c641715b170062bcd087cfcb95e93da8215e1b4c5efcb11e347fdb79a0309

  • SHA512

    34b698852ad383aa00348030932cbbe4f3c670246dad23d0d2125356e6fe00eba52d9c927de8e324aff61083d19a87adadbaa923c93a1b2a799014f10ac285e9

  • SSDEEP

    1536:SvqsBKpnrore0AcJsAEBFtT2fWg7Qpnol59:Vsmrore01JurgUpnol59

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Deletes itself

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plug-ins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks