General

  • Target

    JaffaCakes118_b43910e4d609488ebb7c15ba45b5ed73

  • Size

    14KB

  • Sample

    250413-lfg3vssqv8

  • MD5

    b43910e4d609488ebb7c15ba45b5ed73

  • SHA1

    a32a51cf4b433f8802ec6b74629b7e63103c9a3a

  • SHA256

    f3e3bd82fc779a6cc1e924c6e551ad46c6c475397413475965b4db02136340c3

  • SHA512

    dd013a97d28d8eba67259f0c9ca130fef1f972ca74c26e6103fb070feaf0e15d7b3d6be5c4ccfda367673072642269b4bec0f9a290eccbaa1d89abe117f0afd7

  • SSDEEP

    384:O74L1wzHizZJMoYwcZ54MyeQwYHJaSkigL97kBVyA:O74hwoblcf4kYpaUP+A

Targets

    • Target

      JaffaCakes118_b43910e4d609488ebb7c15ba45b5ed73

    • Phorphiex family

    • Phorphiex, Phorpiex

      Phorphiex (also spelled Phorpiex) is a malware family that infects systems to distribute other malicious payloads such as ransomware, stealers and cryptominers.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Drops file in System32 directory