General

  • Target

    0bb040d40e7d63cd6ed1364022bc82ab_JaffaCakes118

  • Size

    1.5MB

  • Sample

    240501-nnn79adg9v

  • MD5

    0bb040d40e7d63cd6ed1364022bc82ab

  • SHA1

    d85aa092e41ded0efe942128bcce2994f2dae87f

  • SHA256

    15134c2669b08005bcadfcbcafb9140d23f81954e942a445a452c8aaae217644

  • SHA512

    9acfad97e8611b8d228251b72f4f98b5c55697e83fc1f349fe8383531ce2a95f89b6648b855893c96a08c8d78d280a90e23a8c660aa2ed88818e76a0aff809f4

  • SSDEEP

    24576:9QrhZ5VGxOI3A7889WKPyNVm4OqvTsPMT+YcLn8EZcOqa6HGjTOJDkO/fTPe6FBl:gZOxS8wPy7OHPMj48R+TU4OXTPeTE

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks