General

  • Target

    9f81cdc3845968aef99cef9aa4fa2716_JaffaCakes118

  • Size

    4.3MB

  • Sample

    240611-zwgc6a1gmc

  • MD5

    9f81cdc3845968aef99cef9aa4fa2716

  • SHA1

    fa00dbfa3033d6e303baff3be9f9703907b0669f

  • SHA256

    b43cc51378c1db0c67ef551e9e1ba1a202d4e785e6114f1c802edc7d48ed786a

  • SHA512

    83c6ba2a62946c24bdaac6f8142ef790ac74e29c13093f577ba99aa09cfc8d4dd1589d935a9ec8b31d1e58935533cc5e1ff960ee667fcca83e7b4bc65c978780

  • SSDEEP

    98304:aqSh5zRZwYeMMIV3PsU6Z8y6TaOphYLYSHinQpUt/YV5DyzFf:ajHYOpCm/s9y

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks