General

  • Target

    JaffaCakes118_438da5d06be5d57bc3aee6be26c3ac44

  • Size

    128KB

  • Sample

    250127-zl81esvrgq

  • MD5

    438da5d06be5d57bc3aee6be26c3ac44

  • SHA1

    078adb4b2c6341b21682e672b924657cc98e358a

  • SHA256

    e4dd6117266e21b6b79bde3d98a084014f7966ead6fa91a9901330da81d33a0f

  • SHA512

    4eaf41b3d66e2ede713033cca87717379fffa6144d6f19d9aa0306c2616461c85d454e3dca5cf5706570d610bf379e34a5f02d0080bbecee621c68f1453fa7da

  • SSDEEP

    3072:BvHs7kXmJPqDlOxcA40p00IPPxsZ37H0dCyl2:ZHs7kXmJPq8WA4WXksF7Ugys

Targets

    • Target

      JaffaCakes118_438da5d06be5d57bc3aee6be26c3ac44

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
