General

  • Target

    293aee613eed2b8c2ba86abf531b6df4_JaffaCakes118

  • Size

    939KB

  • Sample

    240509-kzk37acg57

  • MD5

    293aee613eed2b8c2ba86abf531b6df4

  • SHA1

    f4b2a6e1a27534f655928be659408c66d7423ea2

  • SHA256

    4be636f356d0a76014b1db750a782dd75d274e489901c5ad6daf2a5ea003c95b

  • SHA512

    e9051b7ca8004a30b8b7c36f413194fb647f91c24d21391ddc786ca88de28991b679b64f3849651866b23ab85af7d639523fb0a07a31679e235af87d61e500a7

  • SSDEEP

    24576:Gh1n2Ltlpm+x/KSLtk39tyJSxzX5XD2C0q2sJJsOOLfdUrZxt:8d2Zlk+ptk3JZl305sJaLmZxt

Malware Config

Targets

    • Target

      293aee613eed2b8c2ba86abf531b6df4_JaffaCakes118

    • Size

      939KB

    • MD5

      293aee613eed2b8c2ba86abf531b6df4

    • SHA1

      f4b2a6e1a27534f655928be659408c66d7423ea2

    • SHA256

      4be636f356d0a76014b1db750a782dd75d274e489901c5ad6daf2a5ea003c95b

    • SHA512

      e9051b7ca8004a30b8b7c36f413194fb647f91c24d21391ddc786ca88de28991b679b64f3849651866b23ab85af7d639523fb0a07a31679e235af87d61e500a7

    • SSDEEP

      24576:Gh1n2Ltlpm+x/KSLtk39tyJSxzX5XD2C0q2sJJsOOLfdUrZxt:8d2Zlk+ptk3JZl305sJaLmZxt

    • Detect ZGRat V1

    • MassLogger

      Masslogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    • MassLogger Main payload

    • ZGRat

ZGRat is a remote access trojan written in C#.

    • Checks computer location settings

Looks up the country code configured in the registry, likely for geofencing (refusing to run in certain regions).

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

Infostealers often target stored browser data, which can include saved credentials and other sensitive profile contents.

    • UPX packed file

Detects executables packed with the open-source UPX packer or a modified variant of it.

    • Accesses Microsoft Outlook profiles

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    • Suspicious use of SetThreadContext
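The hashes above are the only hard indicators the report gives, and "UPX packed file" is the one static signature. The following helper, added here as an example and not part of the sandbox report or any of its tooling, checks a file on disk against those hashes and applies the usual UPX heuristic (section names `UPX0`/`UPX1` in the PE section table). The stub PE builder and the `triage_file` path are constructed for illustration; the sample itself is not embedded. Note that a modified UPX build may rename its sections, so a miss on the section-name check is not proof the file is unpacked.

```python
"""Offline triage helper: match a file against the report's hashes and apply
a UPX section-name heuristic. Added example, not the sandbox's own code."""
import hashlib
import struct

# Hashes copied from the report for 293aee613eed2b8c2ba86abf531b6df4_JaffaCakes118.
REPORT_IOCS = {
    "md5": "293aee613eed2b8c2ba86abf531b6df4",
    "sha1": "f4b2a6e1a27534f655928be659408c66d7423ea2",
    "sha256": "4be636f356d0a76014b1db750a782dd75d274e489901c5ad6daf2a5ea003c95b",
}

# Section names written by stock UPX; a modified UPX may rename them (false negative).
UPX_SECTION_NAMES = {b"UPX0", b"UPX1", b"UPX2", b"UPX!"}


def file_hashes(data: bytes) -> dict:
    """Lowercase hex digests in the same algorithms the report lists."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_report(data: bytes) -> bool:
    """True if any digest equals the corresponding value from the report."""
    h = file_hashes(data)
    return any(h[k] == v for k, v in REPORT_IOCS.items())


def pe_section_names(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table.
    Returns [] for anything that is not a well-formed PE prefix."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    coff = e_lfanew + 4                       # 20-byte COFF file header
    num_sections = struct.unpack_from("<H", data, coff + 2)[0]
    size_opt = struct.unpack_from("<H", data, coff + 16)[0]
    table = coff + 20 + size_opt              # section table follows optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                  # each IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            break                             # truncated table: stop, don't crash
        names.append(data[off:off + 8].rstrip(b"\0"))
    return names


def looks_upx_packed(data: bytes) -> bool:
    return any(n in UPX_SECTION_NAMES for n in pe_section_names(data))


def build_stub_pe(section_names) -> bytes:
    """Constructed minimal PE image (NOT the sample) with the given section names,
    used only so the heuristic can be exercised offline."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)   # e_lfanew -> PE signature at 0x40
    # Machine, NumberOfSections, TimeDateStamp, PtrToSymTab, NumSyms, SizeOfOptHdr, Chars
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, 0xE0, 0x102)
    opt = b"\x0b\x01" + b"\0" * (0xE0 - 2)    # PE32 magic, rest zeroed
    sections = b"".join(n.ljust(8, b"\0") + b"\0" * 32 for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + opt + sections


def triage_file(path: str) -> dict:
    """Hypothetical entry point: run both checks on a file from disk."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {
        "hashes": file_hashes(data),
        "matches_report": matches_report(data),
        "sections": pe_section_names(data),
        "upx_heuristic": looks_upx_packed(data),
    }


if __name__ == "__main__":
    print(triage_file("suspect.exe"))       # assumed path, for illustration
```

The hash match is exact and conservative; the section-name check is a heuristic. A clean UPX build will also show a tiny `.text`-free layout with a large `UPX1` and a high-entropy body, but the name check alone is what most quick triage scripts use.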

MITRE ATT&CK Matrix (ATT&CK v13)

  • Credential Access

    Unsecured Credentials (T1552): 1
    Credentials In Files (T1552.001): 1

  • Discovery

    Query Registry (T1012): 1
    System Information Discovery (T1082): 1

  • Collection

    Data from Local System (T1005): 1
    Email Collection (T1114): 1

Tasks