General

  • Target

    e5d58ab477121d321dd754dd21644c93_JaffaCakes118

  • Size

    97KB

  • Sample

    240407-zn9pqseb8y

  • MD5

    e5d58ab477121d321dd754dd21644c93

  • SHA1

    f176b2cb6bb3b8d434bbf5c1aa98736755e35c2e

  • SHA256

    0d43419e9d62ce760c5c52201f0ad3bb8de3adc9007c5f26a4ab8916246f7f9b

  • SHA512

    57c3f38c566fab8dd705f4b9d1cdb9d5b9a99ac025734a581a16154880f7df2c103b597908709588a7b2425a186bcf70bddae1f2b5f63c05ddb3cc8b23b2c87d

  • SSDEEP

    3072:SKcWmjRrz3T3nL/pZu6QmDYXiCmo3cuJ7ph:hGRZemEiQMuJ77

Malware Config

Targets

    • Target

      e5d58ab477121d321dd754dd21644c93_JaffaCakes118

    • Size

      97KB

    • MD5

      e5d58ab477121d321dd754dd21644c93

    • SHA1

      f176b2cb6bb3b8d434bbf5c1aa98736755e35c2e

    • SHA256

      0d43419e9d62ce760c5c52201f0ad3bb8de3adc9007c5f26a4ab8916246f7f9b

    • SHA512

      57c3f38c566fab8dd705f4b9d1cdb9d5b9a99ac025734a581a16154880f7df2c103b597908709588a7b2425a186bcf70bddae1f2b5f63c05ddb3cc8b23b2c87d

    • SSDEEP

      3072:SKcWmjRrz3T3nL/pZu6QmDYXiCmo3cuJ7ph:hGRZemEiQMuJ77

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks