General

  • Target

    93313e5c1a1d77a8fe8509c6037a0142_JaffaCakes118

  • Size

    1.5MB

  • Sample

    240604-a75sfsgb76

  • MD5

    93313e5c1a1d77a8fe8509c6037a0142

  • SHA1

    752cf21b7d9e7aac4193bbb7ecc876cd7ccf2de6

  • SHA256

    d2b1357d6e7ae3def93f909659a4687b7804eee2446347ae9563a5bd73fc1237

  • SHA512

    9e76abfebd3db56b76ece15f94a503be9d270516a16629ce34eb8fa07a4a4ac00f041c1a348f38f747a6773f71222a79d294ab205c8c0ea992df936be46ff2a6

  • SSDEEP

    24576:gwLdS3Pj1/riyZn3JJ77bw3ol+YTx4IKhA4kIAA3oKq/XElE+GmK+qM:3BU1Ti0ZJ77bw3AoA4BABKUgGno

Malware Config

Targets

    • Target

      93313e5c1a1d77a8fe8509c6037a0142_JaffaCakes118

    • Size

      1.5MB

    • MD5

      93313e5c1a1d77a8fe8509c6037a0142

    • SHA1

      752cf21b7d9e7aac4193bbb7ecc876cd7ccf2de6

    • SHA256

      d2b1357d6e7ae3def93f909659a4687b7804eee2446347ae9563a5bd73fc1237

    • SHA512

      9e76abfebd3db56b76ece15f94a503be9d270516a16629ce34eb8fa07a4a4ac00f041c1a348f38f747a6773f71222a79d294ab205c8c0ea992df936be46ff2a6

    • SSDEEP

      24576:gwLdS3Pj1/riyZn3JJ77bw3ol+YTx4IKhA4kIAA3oKq/XElE+GmK+qM:3BU1Ti0ZJ77bw3AoA4BABKUgGno

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data such as saved credentials, cookies and autofill entries.

    • UPX packed file

      The executable is packed with UPX, or a modified build of it. UPX is an open-source packer; stock builds name their sections UPX0/UPX1, while modified builds may rename them to evade simple section-name checks.

    • Adds Run key to start application

      Persistence: an entry is written under Software\Microsoft\Windows\CurrentVersion\Run (HKCU or HKLM) so the program is launched again at logon.

    • Checks installed software on the system

      Enumerates subkeys of Software\Microsoft\Windows\CurrentVersion\Uninstall in the registry to list the software installed on the system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

      Anti-debugging: a thread with the ThreadHideFromDebugger information class set no longer delivers debug events, so an attached debugger loses visibility of it.

    • Suspicious use of SetThreadContext

      SetThreadContext rewrites a thread's register state; it is commonly used in process hollowing and thread hijacking to redirect execution into injected code.

MITRE ATT&CK Enterprise v15

Tasks