General

  • Target

    e5b5eb1e61978a8f757c7011f5949959_JaffaCakes118

  • Size

    444KB

  • Sample

    240407-yevnsada46

  • MD5

    e5b5eb1e61978a8f757c7011f5949959

  • SHA1

    7203c7048d1e3e4556fd3c45f53a7edf91ba34d9

  • SHA256

    6bd8dfbc8c83fee901bf74160ed87fd28ace9d358982634287d199b550e31edd

  • SHA512

    c7c3b4392108fd2379534a93eaf30f74a5a89d230d19c255e8f0911c6bf1c8ecbf787bc406a481692f6c9e47550505e451baebaebed548e2803e2ad1631cf0ab

  • SSDEEP

    6144:nttttVkssroWoQTX5pS9t7RyBTBZEbv5QttttVkssroWoQTX5pS9t7RyB6:lkss8WBTGv5ekss8WB6

Malware Config

Targets

    • Target

      e5b5eb1e61978a8f757c7011f5949959_JaffaCakes118

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive user data.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks