General

  • Target

    fdf68a4746650b5ff00fbce23280843a_JaffaCakes118

  • Size

    1.9MB

  • Sample

    240421-acn68ade83

  • MD5

    fdf68a4746650b5ff00fbce23280843a

  • SHA1

    9d6ac0cdb525c1af5e9080484eda88af8dc4b47e

  • SHA256

    91666223cafda73e2ed476f108d9036510de6cad2b014f2cbaf64df3f91123ec

  • SHA512

    3c06b52f2eca5d49bfa6b857e063b83012d4228ae98741a38b4bfaf88e691383f12026327b4a3af9808c2574cf824dc66dda789ea2fc3b8337717352aca46e93

  • SSDEEP

    24576:DN4MfN4MfN4MfN4MR8w/rIN4MfN4MfN4MfN4MR8w/r6:T6u

Targets

    • Target

      fdf68a4746650b5ff00fbce23280843a_JaffaCakes118

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
