General

  • Target

    JaffaCakes118_e87b16fc62f17a53eaa9c8700b01cf35

  • Size

    340KB

  • Sample

    250211-vmn97atmak

  • MD5

    e87b16fc62f17a53eaa9c8700b01cf35

  • SHA1

    929cea9785c846da2e771b558b1eff514e3fd308

  • SHA256

    4355ee225a00835e561c2dab2202d393e34f187c83f6a920023da8a3bf11ea26

  • SHA512

    aa505da60a4a6e0393e84ba0fde51fbf741d5cfff872a975141f37ae144289e1cab1d2187c669485361899bd49a539c54590455424722ff39524fe78059366fd

  • SSDEEP

    6144:OG78LjzOANvSAsQLqF9pXMiY3sGB6UduRfLtck:Z7kmAN6omFMb3sGB6UduRfLak

Targets

    • Modifies firewall policy service

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Downloads MZ/PE file
