General

  • Target

    6987d8a5d18d7f347f1187d5a2699bef_JaffaCakes118

  • Size

    717KB

  • Sample

    240523-djtxtsbg38

  • MD5

    6987d8a5d18d7f347f1187d5a2699bef

  • SHA1

    128b4097adfd3f893172ca79cb3c6ee611d00713

  • SHA256

    0570334abf55834197fe0718288b505967ffa42d2b8776b5142150cc18809b2d

  • SHA512

    e357e8407c78a83a1767c6f88391811413a18936998c4bd0849832c403cf5d53929ccda2864e082e8f6e0397d1a0a131ef2da673faf55ede04d1857f4d0d2499

  • SSDEEP

    12288:BKnekrL58cjIoKtXfql1+NtlnYVWQD6CuRo4bD6HtweJ11QdFYEDRafZ6:OLicj45I1wtqWQDPuRJ4ZJPCvaA

Malware Config

Targets

    • Target

      6987d8a5d18d7f347f1187d5a2699bef_JaffaCakes118

    • Size

      717KB

    • MD5

      6987d8a5d18d7f347f1187d5a2699bef

    • SHA1

      128b4097adfd3f893172ca79cb3c6ee611d00713

    • SHA256

      0570334abf55834197fe0718288b505967ffa42d2b8776b5142150cc18809b2d

    • SHA512

      e357e8407c78a83a1767c6f88391811413a18936998c4bd0849832c403cf5d53929ccda2864e082e8f6e0397d1a0a131ef2da673faf55ede04d1857f4d0d2499

    • SSDEEP

      12288:BKnekrL58cjIoKtXfql1+NtlnYVWQD6CuRo4bD6HtweJ11QdFYEDRafZ6:OLicj45I1wtqWQDPuRJ4ZJPCvaA

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks