General

  • Target

    a5039efb8f37f943017e8384414b6ef9_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240403-yg7q5aah2t

  • MD5

    a5039efb8f37f943017e8384414b6ef9

  • SHA1

    9fb6cba536d6ab83fb754dad0fb4739773f3da29

  • SHA256

    bf72962a2fedaf416a9f26b725215f774bd9231dc58a5b940934f9d593f67d83

  • SHA512

    252422d5d6a30dc6b41d90b9800f5eee1abb5830f41468d356be1c83976622027d2b2a9153f7c3da58374856c48e3251d06d8b46ff9fad142039f6ee45e14742

  • SSDEEP

    49152:wVQn0UTjl3wSVQn0UTjl3wCfU4Uj33i3+YfU4Uj33i3+c:wVER3vVER39fUbMXfUbM9

Malware Config

Targets

    • Target

      a5039efb8f37f943017e8384414b6ef9_JaffaCakes118

    • Size

      2.9MB

    • MD5

      a5039efb8f37f943017e8384414b6ef9

    • SHA1

      9fb6cba536d6ab83fb754dad0fb4739773f3da29

    • SHA256

      bf72962a2fedaf416a9f26b725215f774bd9231dc58a5b940934f9d593f67d83

    • SHA512

      252422d5d6a30dc6b41d90b9800f5eee1abb5830f41468d356be1c83976622027d2b2a9153f7c3da58374856c48e3251d06d8b46ff9fad142039f6ee45e14742

    • SSDEEP

      49152:wVQn0UTjl3wSVQn0UTjl3wCfU4Uj33i3+YfU4Uj33i3+c:wVER3vVER39fUbMXfUbM9

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks