General

  • Target

    JaffaCakes118_439553cfb19e19bd68bdfc758229ad04

  • Size

    141KB

  • Sample

    250127-zpdnpawjek

  • MD5

    439553cfb19e19bd68bdfc758229ad04

  • SHA1

    1ef16b20468ac04bc6fc092a4a723385da1b9f78

  • SHA256

    cffcc1f0759ab39a95920393fc0677782347da43a70270f4a999241c99bce25b

  • SHA512

    3fd943a9d8b2d768a1de6bc3af25c619cb692b5bbec3ca9b0fec072a5c71d0832c8a57283d068e3fc66a795e1815763797d5f7e12ef611d79446ab3dc37fa833

  • SSDEEP

    1536:TxqJ//tsVGRNfz58Cs/OYd4gT+ghwv7RdSeRkZnd/g:AlgGfzTYGgT+eWPSxZp

Targets

    • Target

      JaffaCakes118_439553cfb19e19bd68bdfc758229ad04

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
