General

  • Target

    e57a39f9f446359bb6cfbd6fb34155d8_JaffaCakes118

  • Size

    6.8MB

  • Sample

    240407-v4ky4aac55

  • MD5

    e57a39f9f446359bb6cfbd6fb34155d8

  • SHA1

    4d39eb9c90a7908f4cde529043330c5ab941f478

  • SHA256

    204952415326609269ef56ab10511c20b4d6f1653c11d4a5b3dbd39f8e1d6770

  • SHA512

    9190a9964227a95cce053bc1f13ab988cea42118df57e08e583fc5bcd22a4e317573b0db77196860524a6c77ff35dd205d1fcb9272fe86300741fb2d247e3f8b

  • SSDEEP

    196608:b9PqCsXDjDyf6L2WliXYrHW1LeD8qsO9m:hPqCEDVL2ciIrHWRs8xS
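The digests above are what an analyst uses to confirm that a file in hand is the same sample this report describes. The following is an added example (not part of the sandbox report) that computes the four digests of a candidate file, checks them against the report's values, and reads the block size out of the ssdeep signature. The IOC values are copied from the report; the sample path and the comparison helper names are assumptions of this example.

```python
"""Verify a candidate file against the hash IOCs published for this sample.

Added example; not code from the sandbox report. IOC values are copied
from the report above. The file path is an assumption.
"""
import hashlib
from typing import Dict, List, Tuple

# Digests copied from the report.
IOCS: Dict[str, str] = {
    "md5": "e57a39f9f446359bb6cfbd6fb34155d8",
    "sha1": "4d39eb9c90a7908f4cde529043330c5ab941f478",
    "sha256": "204952415326609269ef56ab10511c20b4d6f1653c11d4a5b3dbd39f8e1d6770",
    "sha512": (
        "9190a9964227a95cce053bc1f13ab988cea42118df57e08e583fc5bcd22a4e31"
        "7573b0db77196860524a6c77ff35dd205d1fcb9272fe86300741fb2d247e3f8b"
    ),
}
# ssdeep signature copied from the report: "<block size>:<hash at bs>:<hash at 2*bs>".
SSDEEP = "196608:b9PqCsXDjDyf6L2WliXYrHW1LeD8qsO9m:hPqCEDVL2ciIrHWRs8xS"


def digests(data: bytes) -> Dict[str, str]:
    """Compute every digest named in the IOC set over an in-memory buffer."""
    return {name: hashlib.new(name, data).hexdigest() for name in IOCS}


def match_iocs(data: bytes, iocs: Dict[str, str] = IOCS) -> List[str]:
    """Return the (sorted) names of algorithms whose digest of `data` matches `iocs`.

    An empty list means the buffer is not this sample. Any mismatch among
    the four is a reason to stop and re-check the file, not to proceed.
    """
    got = digests(data)
    return sorted(name for name, want in iocs.items() if got[name] == want.lower())


def match_file(path: str, iocs: Dict[str, str] = IOCS, chunk: int = 1 << 20) -> List[str]:
    """Same check for a file on disk, hashed in chunks so a 6.8MB sample is not a problem."""
    hashers = {name: hashlib.new(name) for name in iocs}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            for h in hashers.values():
                h.update(block)
    return sorted(name for name, want in iocs.items()
                  if hashers[name].hexdigest() == want.lower())


def parse_ssdeep(sig: str) -> Tuple[int, str, str]:
    """Split an ssdeep signature into (block_size, hash_at_bs, hash_at_2bs)."""
    block, first, second = sig.split(":", 2)
    return int(block), first, second


def ssdeep_comparable(sig_a: str, sig_b: str) -> bool:
    """ssdeep can only score two signatures whose block sizes are equal or
    differ by exactly a factor of two; anything else scores 0 regardless of
    how similar the files are, which is a common source of false negatives
    when hunting for variants with fuzzy hashes."""
    bs_a = parse_ssdeep(sig_a)[0]
    bs_b = parse_ssdeep(sig_b)[0]
    return bs_a == bs_b or bs_a == 2 * bs_b or bs_b == 2 * bs_a


if __name__ == "__main__":
    import sys
    # Assumed usage: python verify_sample.py <path-to-candidate-file>
    hits = match_file(sys.argv[1])
    print("matching digests:", hits or "none")
    print("ssdeep block size:", parse_ssdeep(SSDEEP)[0])
```

The ssdeep block size (196608 here) is also a rough size indicator: ssdeep picks the block size from the input length, so two signatures with block sizes 49152 and 196608 cannot be compared at all, and a variant that is much smaller or larger than this 6.8MB sample will not score against it even if most of the code is shared.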

Targets

    • Score

      7/10

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile data, which can include saved credentials and session material.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP. Plenty of benign software does the same, so weigh this signature together with the others rather than on its own.

MITRE ATT&CK Enterprise v15