General

  • Target

    e579b01fb68a98b3343be6842595e2a7_JaffaCakes118

  • Size

    393KB

  • Sample

    240407-v3nnlahh3v

  • MD5

    e579b01fb68a98b3343be6842595e2a7

  • SHA1

    7493c136cf4200c2ca79dc6c808a740693eec7b6

  • SHA256

    5090357e800563f2a4bb6407ebb428bc12ea999fa35633adaa3c88d156fb2060

  • SHA512

    c950a82d819243c4d8cdfc05cbf54fa0ef7de6c5e203963a0ce040dc2167d33d1e54b08c95729b722906bffeee2cce73c0a66aab73a2d94751a501e5889ca98c

  • SSDEEP

    12288:h3+3JaPMKHe83iktku9wag6P/ZI5Q7WTTo4dvZ:h3EJaPPHbUGjg6XZI5Q7WTMyZ

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Adds Run key to start application