General

  • Target

    f66ba4b394fd33d6b0b09b4d72b9c0c2_JaffaCakes118

  • Size

    4.0MB

  • Sample

    240417-xaeakaad34

  • MD5

    f66ba4b394fd33d6b0b09b4d72b9c0c2

  • SHA1

    e0e65a2c7995fab516c6d88f0e360911ddba2a20

  • SHA256

    64c2e43a93cae46809f7dc0d6261c5be460122376e837b113ccd8edcb2c07b7d

  • SHA512

    fcd8b26e9cc6791ef4077ca32aeae0d56d3104b088b2a7572dfb2a87609c1ee929ba62011157fd9745c13f6da0626c19e65944651e82ad5dcb168e058e57bfd2

  • SSDEEP

    98304:wVPGj2BZM+M6RkMkIM72VPGj2BZM+M6RkMkIM7:jl

Malware Config

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15