General

  • Target

    JaffaCakes118_4378cbbd4beb1524bb65b1e3aa7a3e7b

  • Size

    312KB

  • Sample

    250127-zd3hnsvkdv

  • MD5

    4378cbbd4beb1524bb65b1e3aa7a3e7b

  • SHA1

    bde5b92f939f8f37200814f7274577dd532eeb90

  • SHA256

    8e65f307200582a982134b4936b84f89cd43be88555542266c69024583e4764a

  • SHA512

    09bf4d3b9b9921d6df933835ffe39b16bc3d71e50d29154d222ad0cb4ccc16b32e7e26ee357b8c65b2d5979c8c1da6b4efabe8939439f8f3f6f7855f2677fb96

  • SSDEEP

    6144:pZXePVuYXgYIlqAnIVDC8e5uMSXGJZPBP3Jm90GFY:CcYXgYMNIVa5uM1D/U0sY

Malware Config

Targets

    • Target

      JaffaCakes118_4378cbbd4beb1524bb65b1e3aa7a3e7b

    • Size

      312KB

    • MD5

      4378cbbd4beb1524bb65b1e3aa7a3e7b

    • SHA1

      bde5b92f939f8f37200814f7274577dd532eeb90

    • SHA256

      8e65f307200582a982134b4936b84f89cd43be88555542266c69024583e4764a

    • SHA512

      09bf4d3b9b9921d6df933835ffe39b16bc3d71e50d29154d222ad0cb4ccc16b32e7e26ee357b8c65b2d5979c8c1da6b4efabe8939439f8f3f6f7855f2677fb96

    • SSDEEP

      6144:pZXePVuYXgYIlqAnIVDC8e5uMSXGJZPBP3Jm90GFY:CcYXgYMNIVa5uM1D/U0sY

    • Modifies visibility of hidden/system files in Explorer

    • Checks computer location settings

      Looks up the country code configured in the registry, most likely to geofence execution.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application
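
The five behaviour signatures above are what the sandbox matched; the page does not show the underlying registry or process events. The following Python is an added example, not part of this report or of the sandbox's own signature logic: it maps a constructed event log onto those same signature names using the well-known Windows locations each behaviour involves (Hidden and ShowSuperHidden under Explorer\Advanced, Nation/Name under Control Panel\International\Geo, and the HKCU/HKLM Run keys). The pipe-delimited log format, the PIDs and the dropped file names are assumptions made for the example.

```python
from dataclasses import dataclass, field

# Windows locations behind each behaviour. These are Windows facts; the
# report itself does not say which of them this sample touched.
EXPLORER_ADVANCED = r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced"
EXPLORER_VALUES = {"hidden", "showsuperhidden"}   # 'Hidden' = show hidden, 'ShowSuperHidden' = show system files
GEO_KEY = r"HKCU\Control Panel\International\Geo"
GEO_VALUES = {"nation", "name"}                   # numeric GeoID / ISO country name
RUN_KEYS = {
    r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
    r"HKLM\Software\Microsoft\Windows\CurrentVersion\Run",
}

@dataclass
class Event:
    kind: str    # file_write | reg_set | reg_query | proc_create | image_load
    pid: int
    target: str  # registry key or file path
    value: str   # registry value name (empty for file/process events)

@dataclass
class Verdict:
    signatures: set = field(default_factory=set)
    evidence: list = field(default_factory=list)

def norm_key(path):
    """Canonicalise a registry path: long hive names to short, case-folded."""
    return (path.replace("HKEY_CURRENT_USER", "HKCU")
                .replace("HKEY_LOCAL_MACHINE", "HKLM")
                .rstrip("\\").lower())

def parse_log(text):
    """Parse 'kind|pid|target|value' lines (a constructed format for this example)."""
    events = []
    for line in text.strip().splitlines():
        kind, pid, target, value = line.split("|", 3)
        events.append(Event(kind, int(pid), target, value))
    return events

def classify(events):
    """Return the signatures a trace triggers plus one evidence line per hit."""
    v = Verdict()
    # Pass 1: every file the sample wrote is a candidate "dropped" file.
    dropped = {e.target.lower() for e in events if e.kind == "file_write"}
    run_keys = {norm_key(k) for k in RUN_KEYS}
    # Pass 2: map each event onto a signature name from the report.
    for e in events:
        key, val, path = norm_key(e.target), e.value.lower(), e.target.lower()
        if e.kind == "reg_set" and key == norm_key(EXPLORER_ADVANCED) and val in EXPLORER_VALUES:
            v.signatures.add("Modifies visibility of hidden/system files in Explorer")
            v.evidence.append(f"pid {e.pid}: set {e.value} under {EXPLORER_ADVANCED}")
        elif e.kind in ("reg_query", "reg_set") and key == norm_key(GEO_KEY) and val in GEO_VALUES:
            v.signatures.add("Checks computer location settings")
            v.evidence.append(f"pid {e.pid}: read {e.value} under {GEO_KEY}")
        elif e.kind == "reg_set" and key in run_keys:
            v.signatures.add("Adds Run key to start application")
            v.evidence.append(f"pid {e.pid}: wrote Run value {e.value!r}")
        elif e.kind == "proc_create" and path in dropped:
            v.signatures.add("Executes dropped EXE")
            v.evidence.append(f"pid {e.pid}: started dropped file {e.target}")
        elif e.kind == "image_load" and path in dropped and path.endswith(".dll"):
            v.signatures.add("Loads dropped DLL")
            v.evidence.append(f"pid {e.pid}: loaded dropped DLL {e.target}")
    return v

# Constructed trace for the example (not events from this sample's run).
# The Start_ShowRun write and the cmd.exe start are deliberate non-matches.
SAMPLE_LOG = r"""
file_write|1204|C:\Users\user\AppData\Local\Temp\svchosts.exe|
file_write|1204|C:\Users\user\AppData\Local\Temp\helper.dll|
reg_query|1204|HKEY_CURRENT_USER\Control Panel\International\Geo|Nation
reg_set|1204|HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|ShowSuperHidden
reg_set|1204|HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowRun
proc_create|1204|C:\Users\user\AppData\Local\Temp\svchosts.exe|
proc_create|1204|C:\Windows\System32\cmd.exe|
image_load|2288|C:\Users\user\AppData\Local\Temp\helper.dll|
reg_set|2288|HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run|Updater
"""

if __name__ == "__main__":
    verdict = classify(parse_log(SAMPLE_LOG))
    for name in sorted(verdict.signatures):
        print(name)
    for line in verdict.evidence:
        print("  ", line)
```

Two points worth noting when reusing this against a real trace: "dropped" is derived from the sample's own file writes rather than from a fixed Temp/AppData path list, so a payload dropped anywhere is still caught, and the Geo check fires on a read as well as a write, because the geofence signature describes a lookup, not a modification.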

MITRE ATT&CK Enterprise v15

Tasks