General

  • Target

    e5840e54892e130e8139151a890fd7a7_JaffaCakes118

  • Size

    197KB

  • Sample

    240407-wgnxxaac6x

  • MD5

    e5840e54892e130e8139151a890fd7a7

  • SHA1

    1097f880dbee1a0527181c6f0df7c5f3d8e1f3a5

  • SHA256

    85e823cf8354a8732c0bdf549489b09725885d0100d756227deca38963f29580

  • SHA512

    a789e0fecea4dbaf47a88aa324be079d975afeaada73a46fcdb360c46d4d1e07955490ec65b6761dbf22322a9ee3bb2ac266a64fb284a24626295bce2d5d17c5

  • SSDEEP

    3072:4p2boShpV6oxK6f+5zLxBuAE5ZyoW+gGX3QHd:8Shq6fkqAEzyoWFGX3S

Malware Config

Targets

    • Target

      e5840e54892e130e8139151a890fd7a7_JaffaCakes118

    • Size

      197KB

    • MD5

      e5840e54892e130e8139151a890fd7a7

    • SHA1

      1097f880dbee1a0527181c6f0df7c5f3d8e1f3a5

    • SHA256

      85e823cf8354a8732c0bdf549489b09725885d0100d756227deca38963f29580

    • SHA512

      a789e0fecea4dbaf47a88aa324be079d975afeaada73a46fcdb360c46d4d1e07955490ec65b6761dbf22322a9ee3bb2ac266a64fb284a24626295bce2d5d17c5

    • SSDEEP

      3072:4p2boShpV6oxK6f+5zLxBuAE5ZyoW+gGX3QHd:8Shq6fkqAEzyoWFGX3S

    • Modifies Installed Components in the registry

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks