General

  • Target

    e60674fbf22af5dffb91ff2754c232c2_JaffaCakes118

  • Size

    856KB

  • Sample

    240407-2nbh2sgh66

  • MD5

    e60674fbf22af5dffb91ff2754c232c2

  • SHA1

    99f21c958f746d2106ae3ef89b3598306e492ecf

  • SHA256

    6c71d286e15d8e203aa06be36227d9884f1cb62f0f787c0c87bf851cbbe8df18

  • SHA512

    8ed0136cfbae64306ed169f27cf4ed3b2a20cfb57797e4d3357e6bcdbdbb9f28136088c06e9c1b766708f5ce28113da59f04eb9beea4896cf6607647a7dbda96

  • SSDEEP

    12288:XGs5kseUTEU0iQHhxRg9FOp2J0OpOmWdj9KyZDf3WiOUseBCkCS+NB:XfCseUTEDxm9FOpEpkdsyZS8ed

Targets

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
