General

  • Target

    e5766fa8f2f68eb5e00257f0606de710_JaffaCakes118

  • Size

    371KB

  • Sample

    240407-vypp4ahg2z

  • MD5

    e5766fa8f2f68eb5e00257f0606de710

  • SHA1

    a6fed15d363634e1eb637e2226a62a7c3021fb89

  • SHA256

    130d728017ef29277b90456d97162296fdd0be4fe384464d1cfcfbf673e5be78

  • SHA512

    66465adaa5411acda763760d2f2b023bfa05ca59435a9a3c6daf5fc6bc2e9e0401ee348cde10b4a38158f08cc3c9a700e7e4fa6b78f3b3a0c5d998a269922e29

  • SSDEEP

    6144:BhXagImlwTbLnLQZxaWqjhJAz7M0k+A50HGmaxN+XYe6+uL5m71ppM8b18tYn:B8gIma/7+glJAz7M0kV50daxN+oeXu1w

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks