General

  • Target

    JaffaCakes118_e4c50c741c9271afbb640182582289ca

  • Size

    107KB

  • Sample

    250503-q2khbsttez

  • MD5

    e4c50c741c9271afbb640182582289ca

  • SHA1

    70a4e4e0c0bac3f37e007990fe3a56ee8ed64684

  • SHA256

    9e16949080d7ff8d8869ec558b9a4a0f33d1508e533325c22e4ceffccfa14d7a

  • SHA512

    83fc4a11db8a199ad150201d10b689a37f25e4324722808ab503a5f1fbcb939e45483668435ba7907fc16be37a7e54eaa36634c346a1af61093266a2c7065bea

  • SSDEEP

    3072:UndpZMAiYBF8sBXYI0SfsIkSlUtE0GTERA7C:UntBv8sBogsIkeUC0Gw

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for a geofence check.

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • Sets desktop wallpaper using registry

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v16

Tasks