General

  • Target

    66c50ac467d1171572df6dfc108678af_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240522-k9mprsae61

  • MD5

    66c50ac467d1171572df6dfc108678af

  • SHA1

    04365243008e8df093ceba7dde0d30cd2f3c2acd

  • SHA256

    24a2eaba680ef9e48841fb88e6f2d7bdeb301b55b33a38f320e9619f6ed7a74b

  • SHA512

    04aaf024046692331cf2e0067329567cdbcf58f95fdb7db53875d78c17f8955f4a367f4cea4891ef37d1238a99121743cf25dbdc53cd219e58c8e5103176a8bb

  • SSDEEP

    24576:z+pUFy+woYqfqgKFah67z1Z1kDIq1u0QLEoL9D6lNWz6L/Fc0psu1:z+5oYwKxD1kDlu5LEoLFgT

Malware Config

Targets

    • Target

      66c50ac467d1171572df6dfc108678af_JaffaCakes118

    • Size

      1.3MB

    • MD5

      66c50ac467d1171572df6dfc108678af

    • SHA1

      04365243008e8df093ceba7dde0d30cd2f3c2acd

    • SHA256

      24a2eaba680ef9e48841fb88e6f2d7bdeb301b55b33a38f320e9619f6ed7a74b

    • SHA512

      04aaf024046692331cf2e0067329567cdbcf58f95fdb7db53875d78c17f8955f4a367f4cea4891ef37d1238a99121743cf25dbdc53cd219e58c8e5103176a8bb

    • SSDEEP

      24576:z+pUFy+woYqfqgKFah67z1Z1kDIq1u0QLEoL9D6lNWz6L/Fc0psu1:z+5oYwKxD1kDlu5LEoLFgT

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks