General

  • Target: e572e8ba020ed9dfe9c846cdf0ab6338_JaffaCakes118

  • Size: 30KB

  • Sample: 240407-vtnbgahf4v

  • MD5: e572e8ba020ed9dfe9c846cdf0ab6338

  • SHA1: 73fdc08b1bc6727e2d4f7910b165c7e6c23baf69

  • SHA256: 525b825ce0609297d21dc70c1f0886bb6876c2368ce04348aac1e39ecd161d17

  • SHA512: 282b86298a2ec1877532be833919ae0442fdaf81381bab4eaac2f0e70155ebc052307a740e95113a81a57ae79f721c330daccbfadc67c0379f318a3e09654630

  • SSDEEP: 768:XocAX3LKew369lp2z3Sd4baFXLjwP/Tgj93b8NIocVSEFtQe:SKcR4mjD9r823FOe

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • UPX packed file

      Detects executables packed with the UPX (or a modified UPX) open-source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks