General

  • Target

    e7674746008d2c3336578fc1757d6813_JaffaCakes118

  • Size

    239KB

  • Sample

    240408-n2zadabg9t

  • MD5

    e7674746008d2c3336578fc1757d6813

  • SHA1

    fc85531baf162e16f358be45107765560ba3bc3b

  • SHA256

    be6bdc2d18aa13576364d252dfab63661396780c0d3a1aa926d7f535c3cbcc6b

  • SHA512

    66192cbcd942eec60e0e042030af8c912fa492185f5ac527e64cee85e843624d828e35beac723141f08b3b6f0a2208834664c378bf64b2cfa8c7cfd4251f453e

  • SSDEEP

    3072:5KcWmjRrzcttaXp4y3MGx8JqSemcn1RiV4efnw8MLhhLj6N+/SUnEeg1lOZ8NnMl:SmZ4ycGmjZc1RU7I8mhhfnZaNnWkCj

Malware Config

Targets

    • Target

      e7674746008d2c3336578fc1757d6813_JaffaCakes118

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks