General

  • Target

    e55a4d2829f25e3b541da7ba07bb422b_JaffaCakes118

  • Size

    59KB

  • Sample

    240407-tw86aaha38

  • MD5

    e55a4d2829f25e3b541da7ba07bb422b

  • SHA1

    f8ee7cba622ca3a771183ff7a9b43a474b44a030

  • SHA256

    d36a0a9a3e882c39ea7dbafce363e63ac1ea240b6548cf804367ce64c2f8df35

  • SHA512

    0f09bc526fb6a024fb3b48ae313359bcdb59df6b96adc1a45e6096779daa95062029e5e048d731dc85a21c540320199dc91f113c7b4e60e29e9c4554a4d7d703

  • SSDEEP

    768:XocAX3LKew369lp2z3Sd4baFXLjwP/Tgj93b8NIocVSEFGocAX3LKew369lp2z3s:SKcR4mjD9r823FHKcR4mjD9r823FB

Malware Config

Targets

    • Target

      e55a4d2829f25e3b541da7ba07bb422b_JaffaCakes118

    • Size

      59KB

    • MD5

      e55a4d2829f25e3b541da7ba07bb422b

    • SHA1

      f8ee7cba622ca3a771183ff7a9b43a474b44a030

    • SHA256

      d36a0a9a3e882c39ea7dbafce363e63ac1ea240b6548cf804367ce64c2f8df35

    • SHA512

      0f09bc526fb6a024fb3b48ae313359bcdb59df6b96adc1a45e6096779daa95062029e5e048d731dc85a21c540320199dc91f113c7b4e60e29e9c4554a4d7d703

    • SSDEEP

      768:XocAX3LKew369lp2z3Sd4baFXLjwP/Tgj93b8NIocVSEFGocAX3LKew369lp2z3s:SKcR4mjD9r823FHKcR4mjD9r823FB

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks