General

  • Target: 043eaede991f0babf38e2e17937e4e99_JaffaCakes118
  • Size: 437KB
  • Sample: 240428-dndfmsfb3x
  • MD5: 043eaede991f0babf38e2e17937e4e99
  • SHA1: 3308775eebfae7d12cce6f7154c5add1217c13d4
  • SHA256: 0e5cb83def6333b13ab36fcf301145537f565800e768aaa5c40c2378b27ec5da
  • SHA512: 2be4062e9519978bf82d2b36934b6d6e9e2971741827acae56c2dbb708220f0f685423fc0c3f150fd4eda8128348f0640ce6a58f9140713168947e177b8c1685
  • SSDEEP: 6144:O2qVEWmw4UhfrXi2jyLhxT5Ahv4go96AO2wZTOfmu4pilruhQfEQLOp8/Oe113ea:dqVHmw4Uh2ayHx9mTOfColruOf5jOe1H

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofencing check.

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Adds Run key to start application
