General

  • Target

    e75e9ee179188db8048d996acf024610_JaffaCakes118

  • Size

    30KB

  • Sample

    240408-nqasmsbe2y

  • MD5

    e75e9ee179188db8048d996acf024610

  • SHA1

    785b10bc1e12cca62f3962cf7e6ef234d8fc0156

  • SHA256

    5a30866c098488c80076ecb8335539d2cded18368060b800dee3f2d2adc8812c

  • SHA512

    b4cbd374c7549aa2a1d8785034f1c8d3c0f4f5bc09b7359554bb0583860db9036bafe437732785cafea13b80e0ea5399a8dfe1d7829340ef570070ade36476ca

  • SSDEEP

    768:XocAX3LKew369lp2z3Sd4baFXLjwP/Tgj93b8NIocVSEFbf:SKcR4mjD9r823Fj

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks