General

  • Target

    a320bd4d15559d767eb84a437dc92d78_JaffaCakes118

  • Size

    128KB

  • Sample

    240403-wv5sksgg2z

  • MD5

    a320bd4d15559d767eb84a437dc92d78

  • SHA1

    bc19786af0b3d44c60a7f7a137402f1798ee45e9

  • SHA256

    4c95a15006cf4168dca1688e595f964e8c5a2b8a4b978be339b64adda19fb3e8

  • SHA512

    5d59b6cf164986d9b6361bd9a8011e01e3f183cd91a6d8781fc25b73ea9d48d68aafc1c26c7c8b2ad21cd94d075cd36562d9707d7fde5f46d40bb86b962070e6

  • SSDEEP

    3072:hoO4yfd5fixgPDuz0Obiaxo7f9pLctfzlUgPDuz0Obiaxo:h14yFxiO7uz0Ciyop1ctbl77uz0Ciyo

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive user information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks