General

  • Target

    a9f9091bc7ced000660acf41fcf0d485_JaffaCakes118.exe

  • Size

    1.2MB

  • Sample

    240504-yjhvsacb47

  • MD5

    a9f9091bc7ced000660acf41fcf0d485

  • SHA1

    0f506b5a3ddd2e7e73a4221288afa4559d8e38c4

  • SHA256

    ad078755cfb63de63a4e83c946ad755a953c8d23a35d0d202a04cce5ffb4bf5d

  • SHA512

    026515600a085d9c0f9890e841ca14c255c92b06556a517cc476ece764f373dd658e3f0b6d9fddb17aed15d937633eeb5f735ae93b329f83706f38de6ca36162

  • SSDEEP

    24576:lq8axXMDvf0vr0QrO46TbvAIgwFEKzUlqXpXgM+DaVlyaudLLQP5bG23VCx2xq:e8Iv7r36fv7UlqXpwDkYf1LQ5brlCmq

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks