General

  • Target

    a2fb093d2127de3e36cdd7ddf00a2101_JaffaCakes118

  • Size

    3.1MB

  • Sample

    240403-wra4ssha25

  • MD5

    a2fb093d2127de3e36cdd7ddf00a2101

  • SHA1

    fa9925a7f23d8243ae24172437979165adb3f24d

  • SHA256

    9facb8e8769d4940fb4c52d3d04d89bf83194ff20a90d97191035c40dc70624e

  • SHA512

    33ed16f3af6c5f2be7f003cd1b37fb924d91f04248bc0f5c313ffceb06a88938bc9e8dc25f7d272b0b216cb2c5c9e7a5108fdb102ac5e74f82ab03d72601efdb

  • SSDEEP

    49152:92oZuBw/Qft5dl22oZuBw/Qft5dlT3EZpBh211Waw30RPtjtQiIhUyQy1SkFd:91k5n21k5nYr211K2INQy1S

Malware Config

Targets

    • Target

      a2fb093d2127de3e36cdd7ddf00a2101_JaffaCakes118

    • Size

      3.1MB

    • MD5

      a2fb093d2127de3e36cdd7ddf00a2101

    • SHA1

      fa9925a7f23d8243ae24172437979165adb3f24d

    • SHA256

      9facb8e8769d4940fb4c52d3d04d89bf83194ff20a90d97191035c40dc70624e

    • SHA512

      33ed16f3af6c5f2be7f003cd1b37fb924d91f04248bc0f5c313ffceb06a88938bc9e8dc25f7d272b0b216cb2c5c9e7a5108fdb102ac5e74f82ab03d72601efdb

    • SSDEEP

      49152:92oZuBw/Qft5dl22oZuBw/Qft5dlT3EZpBh211Waw30RPtjtQiIhUyQy1SkFd:91k5n21k5nYr211K2INQy1S

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks