General

  • Target

    2801ab770525d44d1b4a4220c7a6f9cf_JaffaCakes118

  • Size

    9.3MB

  • Sample

    240509-dm2f3saa92

  • MD5

    2801ab770525d44d1b4a4220c7a6f9cf

  • SHA1

    348d48acf2d3df587c83a6b42d40ed76a08da663

  • SHA256

    5e98fa02dbac05f74d7b4da268f2652773390e8bd00cd9a9550e26cb1750f96e

  • SHA512

    8b8456f575dda327b6a82a846dd648e803fd9ba8f887d979f63511b9fd0c6bfbe83bd9718df914e4dc0bec2c5e04279842432c1c80fa3e7179c99b9195603c0f

  • SSDEEP

    196608:TeLg39onJ5hrZERVM+ENFJzFcguY48RmU/3ZlsPv+W+8Tbi8CmKXt4u:KS9c5hlERVMRFJzFcguYtN3ZW79bUm

Malware Config

Targets

    • Target

      2801ab770525d44d1b4a4220c7a6f9cf_JaffaCakes118

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill entries.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
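The four signatures above are behavioural rules, not static indicators. The following is an added example, not part of the sandbox report or its signature engine, of how each of them can be expressed over a process behaviour log. The event records, the browser-profile patterns, and the lists of IP-lookup and file-hosting domains are all constructed for illustration; the hostnames are well-known public services, but the lists are assumptions to be tuned, not the sandbox's own rule set.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed behaviour log for one process tree: (pid, event kind, detail).
# These lines are made up to exercise the rules and are NOT from the sandbox run.
EVENTS = [
    (4012, "file_write", r"C:\Users\user\AppData\Local\Temp\sqlite3.dll"),
    (4012, "dll_load",   r"C:\Users\user\AppData\Local\Temp\sqlite3.dll"),
    (4012, "dll_load",   r"C:\Windows\System32\kernel32.dll"),
    (4012, "file_read",  r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    (4012, "file_read",  r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies"),
    (4012, "file_read",  r"C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2.default\logins.json"),
    (4012, "http",       "http://api.ipify.org/?format=json"),
    (4012, "http",       "https://cdn.discordapp.com/attachments/1/2/update.bin"),
    (1200, "file_read",  r"C:\Users\user\Documents\notes.txt"),
    (1200, "dll_load",   r"C:\Windows\System32\kernel32.dll"),
    (1200, "http",       "https://www.microsoft.com/"),
]

# Browser profile directories and the files inside them that hold credentials,
# cookies and autofill data (Chromium family and Firefox). Assumed patterns.
BROWSER_DIR = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware|Chromium|Mozilla\\Firefox)\\", re.I)
BROWSER_FILE = re.compile(
    r"\\(Login Data|Cookies|Web Data|Local State|logins\.json|key4\.db|cookies\.sqlite|places\.sqlite)$", re.I)

# Public "what is my IP" services commonly queried after infection (assumed list).
IP_LOOKUP_HOSTS = {"api.ipify.org", "ipify.org", "icanhazip.com", "ifconfig.me",
                   "ip-api.com", "ipinfo.io", "checkip.amazonaws.com", "api.myip.com"}

# Legitimate services routinely abused to host payloads or relay C2 (assumed list).
HOSTING_HOSTS = {"cdn.discordapp.com", "discord.com", "pastebin.com",
                 "raw.githubusercontent.com", "drive.google.com", "dropbox.com",
                 "api.telegram.org", "transfer.sh"}


def host_of(url: str) -> str:
    """Lower-cased hostname of a URL, or '' if it has none."""
    return (urlsplit(url).hostname or "").lower()


def evaluate(events):
    """Return {pid: set(signature_names)} for the given behaviour events."""
    written = defaultdict(set)   # pid -> paths that process has written so far
    hits = defaultdict(set)
    for pid, kind, detail in events:
        if kind == "file_write":
            written[pid].add(detail.lower())
        elif kind == "dll_load":
            # "Loads dropped DLL": the module being loaded was written earlier by
            # the same process, i.e. it was dropped rather than pre-installed.
            if detail.lower() in written[pid]:
                hits[pid].add("loads_dropped_dll")
        elif kind == "file_read":
            # "Reads user/profile data of web browsers": a credential/cookie store
            # inside a known browser profile directory.
            if BROWSER_DIR.search(detail) and BROWSER_FILE.search(detail):
                hits[pid].add("reads_browser_data")
        elif kind == "http":
            host = host_of(detail)
            if host in IP_LOOKUP_HOSTS:
                hits[pid].add("external_ip_lookup")
            if host in HOSTING_HOSTS:
                hits[pid].add("legit_hosting_abuse")
    return dict(hits)


if __name__ == "__main__":
    for pid, sigs in sorted(evaluate(EVENTS).items()):
        print(pid, sorted(sigs))
```

Run stand-alone it reports all four behaviours for pid 4012 and nothing for pid 1200. The dropped-DLL rule deliberately keys on a prior write by the same process rather than on a "suspicious" directory, which is what separates a dropped module from a legitimately installed one; the report's 7/10 score is the sandbox's own weighting and is not reproduced here.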

MITRE ATT&CK Enterprise v15

Tasks