General

  • Target

    8c0287449e18e0adf8bc49cb4ed18b94_JaffaCakes118

  • Size

    3.0MB

  • Sample

    240601-2fhmdshf83

  • MD5

    8c0287449e18e0adf8bc49cb4ed18b94

  • SHA1

    60e52d78b0ac6f9779fb9eb8951f5427de16c8e9

  • SHA256

    4ef602d215b6e8b19de16bb5179a66b95b4bbe0e7a8c265e70d095a3167f9890

  • SHA512

    e2ea10b6c1c93b7a9e1c115f435e5ca14fd51232f97a697651f73c65e883b03ebf2dacfc5022a0e677ba90796377812088e26898362e19548719a8d654ab8f31

  • SSDEEP

    49152:eH7FV0G8s2wgHRDN574zEmecx23rblarfD5GIdVmTgZ/lR5QSEB3tyXzCYcOugZI:wFnuRp574znIbbYfD1ik/lQ1B9y2kug2

Score
7/10

Malware Config

Targets

    • Target

      App.exe

    • Size

      4.8MB

    • MD5

      7c48a962cb675d7f6ed55058ae079d01

    • SHA1

      f04655359d23606528838b2ddeaee058a60a3953

    • SHA256

      30981c282b8bb1d5b28f1050175bbdc4749e441ec7186284ccde8d4d8f4fccfd

    • SHA512

      947c90794fa394557a07a272bf092bbeeea69e09f357a5467be4652029f4b4d6fdf14f84ee86c5c99279c4f38142c2d9b4db8289224f3e3e94fd1f1af5f13699

    • SSDEEP

      49152:UCrIKgHpD7bhGzCisM1E3B/dKrjZlGa3jomPDvX/xROmz4TXYq0uTcOuGcDLTdz1:RcpPbhGzzcR/cjZImPD/yEuNuGYTdsy

    Score
    7/10
    • Checks computer location settings

      Looks up the country code configured in the registry, most likely as a geofencing check.

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks