General

  • Target

    JaffaCakes118_981dd3d2088c2c26fc34e680d161154b

  • Size

    1.1MB

  • Sample

    250204-zmwfqatkel

  • MD5

    981dd3d2088c2c26fc34e680d161154b

  • SHA1

    b6347705e6ea7db0d01c2d2e664bddcc956bb95f

  • SHA256

    71fcfe5d529c9b901f987ebb8d88dbd35725ec8af2b0dd3febac32050f3f4c45

  • SHA512

    a0aa5acde4db9f8c87aa3d159531c1c1d7443590193e884d76baed1c0baf905b50ca58ea9af90aeede61ad01be89929460905f58c397c1fdb5ab13a710b0d3a2

  • SSDEEP

    12288:jle8Y4l+nVHSw6r8WqYnK4sRvOmjmZ1urdpI67xBIcUTm45VrU0eYhqzEHy5GOrf:5e2+xShr0mK4y9IcIRJVQfAER+NOqBXI

Malware Config

Targets

    • Target

      JaffaCakes118_981dd3d2088c2c26fc34e680d161154b

    • Size

      1.1MB

    • MD5

      981dd3d2088c2c26fc34e680d161154b

    • SHA1

      b6347705e6ea7db0d01c2d2e664bddcc956bb95f

    • SHA256

      71fcfe5d529c9b901f987ebb8d88dbd35725ec8af2b0dd3febac32050f3f4c45

    • SHA512

      a0aa5acde4db9f8c87aa3d159531c1c1d7443590193e884d76baed1c0baf905b50ca58ea9af90aeede61ad01be89929460905f58c397c1fdb5ab13a710b0d3a2

    • SSDEEP

      12288:jle8Y4l+nVHSw6r8WqYnK4sRvOmjmZ1urdpI67xBIcUTm45VrU0eYhqzEHy5GOrf:5e2+xShr0mK4y9IcIRJVQfAER+NOqBXI

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks