General

  • Target

    e6568db859270b2735cefeca0e3ea414_JaffaCakes118

  • Size

    99KB

  • Sample

    240408-b23atach9s

  • MD5

    e6568db859270b2735cefeca0e3ea414

  • SHA1

    5d7b8adf07ca67e85c5903608a15c6f9f1068d58

  • SHA256

    de33cae0704808938d7d502fa2a7b65726ffc9e9000a02bbf3413319a17e0f51

  • SHA512

    3c97b02cadd6837eb577d5cf929baade573c6471af1fb5e1deafe20cc541c4e817fdf4362138cb092fabebe25a2bbdad923e0c2b5e9df609c7ccc4344061ca52

  • SSDEEP

    3072:sr3KcWmjRrzS4oYb4qGU9txYrmspauPPy/:/JaG8zpWauP+

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks