General

  • Target

    e552316acdc4a44e8c8ef8e45113677d_JaffaCakes118

  • Size

    324KB

  • Sample

    240407-tk987sgf37

  • MD5

    e552316acdc4a44e8c8ef8e45113677d

  • SHA1

    596c0ddee614356acc5391c0fe1426edc5fe388d

  • SHA256

    08202a14b7badbf869785300245852d55385c3aea7c2e24f6b808a1e2f8951bc

  • SHA512

    c236b6ab2b635c00686490d3fafaa5ce41f06771c82279c9db0073efb757aec0f8576402b81da1bb225538d59ee9589de8b2bd36306fd576c580da470bc48b31

  • SSDEEP

    6144:/v/sROY0xU9DbwiPdRW2UOPkWO4KHwziNPDD39s5pqtuVg3Zml2zI9Knlfi:/v/yOw9Dtd3UOMWOpHXNPDZ4q93Unss

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15