General

  • Target

    a4b5c85d53120079a9bb9e54b1ff8a9b_JaffaCakes118

  • Size

    128KB

  • Sample

    240403-x825aaah43

  • MD5

    a4b5c85d53120079a9bb9e54b1ff8a9b

  • SHA1

    ab24b7b9aa8b7d2a033f11e06b03d12a8a0dc9e6

  • SHA256

    e0653dc038521d02b48f6e69f3b62836d87eb4b4305e6a5f4540ad72b7cb5103

  • SHA512

    6ed9e3b01388081cd78efae44347bc67d566f9e7b5571d9c0bc616dcec836c066a3c00fa2470d9bb80c991953f16f12888eb1ea42d680bf46a3677b6b29d2643

  • SSDEEP

    3072:D6Oc3xxNSDrf8jV09T5oTrREqu6QlOiVBav09T5o:D6Oc3xzSI69dofRTCOinaM9do

Targets

    • Target

      a4b5c85d53120079a9bb9e54b1ff8a9b_JaffaCakes118

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
