General

  • Target

    e767467c13764266ae583119963423aa_JaffaCakes118

  • Size

    99KB

  • Sample

    240408-n2xrjsbg8z

  • MD5

    e767467c13764266ae583119963423aa

  • SHA1

    af85f79d41f9cd077de8806036f78a9d716e2c8e

  • SHA256

    8fdd900a27dc2f4ef451957818223885ae246f8d43806bb377a2560e3dd1bce3

  • SHA512

    fd5cf84c7b396426a95d141afad488b81808ab901c4446744f39b72378124666908e39607cc74ff5b8bce13a888f5ec0a8839cd3b3f224920855a815732ba4a1

  • SSDEEP

    1536:s9Z3KcR4mjD9r8226++4DA6Zgq18oJ6wXrNt6oBf3ec3lkdkgcll7:sr3KcWmjRrzSFJ2Q8oJdZduc3lkYP

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, such as saved credentials, cookies and autofill entries.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks