Overview

overview

7

Static

static

3

842edd2681...18.exe

windows7-x64

7

842edd2681...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    842edd2681b5dae1ebeaa989fb404741_JaffaCakes118

  • Size

    32KB

  • Sample

    240530-pr95kaaa54

  • MD5

    842edd2681b5dae1ebeaa989fb404741

  • SHA1

    fecb8b5569a9a67ae3cade1daaa4456d033f07b7

  • SHA256

    9833c15741f82e7e63ffa3ab295803cfc9ec650601de72e03627c24af69f307a

  • SHA512

    f3474ef44bad342126d8fceaeafebe5ddec4bbabdbcd76abfc010b3cab464eea650c99edfeed662fc50da043d34a013da35b42ce47b1a2ba15564019c1279c93

  • SSDEEP

    768:lCywql7JmQOsgC798kr86Hhba1P85HDS6wq3By:Lwql7JmQ9g7f6Hh+a3By

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      842edd2681b5dae1ebeaa989fb404741_JaffaCakes118

    • Size

      32KB

    • MD5

      842edd2681b5dae1ebeaa989fb404741

    • SHA1

      fecb8b5569a9a67ae3cade1daaa4456d033f07b7

    • SHA256

      9833c15741f82e7e63ffa3ab295803cfc9ec650601de72e03627c24af69f307a

    • SHA512

      f3474ef44bad342126d8fceaeafebe5ddec4bbabdbcd76abfc010b3cab464eea650c99edfeed662fc50da043d34a013da35b42ce47b1a2ba15564019c1279c93

    • SSDEEP

      768:lCywql7JmQOsgC798kr86Hhba1P85HDS6wq3By:Lwql7JmQ9g7f6Hh+a3By

    Score
    7/10
    persistencespywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks