General

  • Target

    e5b044a2518554d03a3908f552c508c6_JaffaCakes118

  • Size

    200KB

  • Sample

    240407-x74ayscc9s

  • MD5

    e5b044a2518554d03a3908f552c508c6

  • SHA1

    7eb68a10af049915f240bc43c439863aa1a2d048

  • SHA256

    dda0491a43111958806ee187e77ce78e5b256a37418fcaba2be2ea074a9a3e7b

  • SHA512

    d421cfeaa3f8637945ed7a03ae2ca51d7e6ec843f9d13afb12e6ea9e2d529a06433e236a1be9cfbce4a248088bf5ac57edc38e019bdd9f90635b660bcdacc3e6

  • SSDEEP

    3072:cf5yU0M2ns5X+vbEZammppIXVdiszpVhSURnTP+Z5R:u5yUZAC4MaPKNzDM5R

Targets

    • Target

      e5b044a2518554d03a3908f552c508c6_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses Microsoft Outlook profiles

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
