General

  • Target

    e60d29848b8f60da29efbc0efb820022_JaffaCakes118

  • Size

    46KB

  • Sample

    240407-2xqz4ahb94

  • MD5

    e60d29848b8f60da29efbc0efb820022

  • SHA1

    78a45511d591deee841dcc5c9600d64a901fe232

  • SHA256

    5910523dd84c592fdf140cba6c8e0272504ef03ddbe93290a4009c1f31f18532

  • SHA512

    481e87ea058767aa55bf687dec140196a4192bcf3c8265c97583c9efba56252d024a67141bbc7e01d22aaa707c2fce77ef35003882657f537bf55e1d81c2cbd8

  • SSDEEP

    768:XocAX3LKew369lp2z3Sd4baFXLjwP/Tgj93b8NIocVSEFevLIsQl8a1OKVhryjAL:SKcR4mjD9r823Fist+a1vOAax2j

Malware Config

Targets

    • Target

      e60d29848b8f60da29efbc0efb820022_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and other sensitive profile data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks