General

  • Target

    914a92fcc92b5f786a45c0d0391f1fb7_JaffaCakes118

  • Size

    1.0MB

  • Sample

    240603-lhv3habd87

  • MD5

    914a92fcc92b5f786a45c0d0391f1fb7

  • SHA1

    3482f26670e1e6d995276e5130973bc8921aea54

  • SHA256

    be96bb6c6b3769dbeaeb1f28ccb166dbe6ccb9834899542f7e2ddcd1cf2b0b4d

  • SHA512

    f106e0c451743a52b537ab07a4b3300084d3d35bc6548f5ab77bb1389ad9fa9c86e7adc237f8b02b07011c7e6a58570929c3487e9bc9da406e565a9378b2bf60

  • SSDEEP

    24576:pxGGE9zbeBpoLZWf/SLEnT8m0+G18eorO0D:Te3ipGcf/SLEnYbcO0D

Targets

    • Target

      914a92fcc92b5f786a45c0d0391f1fb7_JaffaCakes118

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile contents.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of SetThreadContext
