General

  • Target

    e5c8465b257f9f5c6b422f38d66af4f9_JaffaCakes118

  • Size

    30KB

  • Sample

    240407-y58y4ade6t

  • MD5

    e5c8465b257f9f5c6b422f38d66af4f9

  • SHA1

    52b609ee6f9c9d9b525731bfd8a3519298c34488

  • SHA256

    a4aa441fe90301ac47c93688a4f652042224fa740406ad62b65befcb3e5917ea

  • SHA512

    204763fa757b2749d1483b018ecaaeeca54f3a4fdc6aceddaa83f77b42d1eb08be8474d3aa037bc935bfb99323646959a89d85d6d43671ad7c9d904506f9efca

  • SSDEEP

    768:XocAX3LKew369lp2z3Sd4baFXLjwP/Tgj93b8NIocVSEFAK:SKcR4mjD9r823FAK

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks