Overview

overview

7

Static

static

3

a3a82c32cf...18.exe

windows7-x64

7

a3a82c32cf...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    a3a82c32cf51689050f1d4d38d81e155_JaffaCakes118

  • Size

    113KB

  • Sample

    240613-dw2hfawdnj

  • MD5

    a3a82c32cf51689050f1d4d38d81e155

  • SHA1

    141822ddc25a38e1d2cabfd9acdac35caade902d

  • SHA256

    14171b192cb15343a25959e1f96fe58f4a2e443209d9fb125e33abbd7970c346

  • SHA512

    41688086b320fc98b74c9df52ab7b61eb522509c83bb0e50ec4240a89d49a3a182953dddfe301131b706b1ee475c8812b7b3d61cb3e481fe0d17ff135c79c510

  • SSDEEP

    1536:Lwql7JmQ9g7fGqgkhB9I4BcDQX2oooD+AyxArAIVJ9bayZbScKEang5V2pL:uBjGW5I46QXMmAIX1tanUV2pL

Score
7/10
persistencespywarestealer

Malware Config

Targets

    • Target

      a3a82c32cf51689050f1d4d38d81e155_JaffaCakes118

    • Size

      113KB

    • MD5

      a3a82c32cf51689050f1d4d38d81e155

    • SHA1

      141822ddc25a38e1d2cabfd9acdac35caade902d

    • SHA256

      14171b192cb15343a25959e1f96fe58f4a2e443209d9fb125e33abbd7970c346

    • SHA512

      41688086b320fc98b74c9df52ab7b61eb522509c83bb0e50ec4240a89d49a3a182953dddfe301131b706b1ee475c8812b7b3d61cb3e481fe0d17ff135c79c510

    • SSDEEP

      1536:Lwql7JmQ9g7fGqgkhB9I4BcDQX2oooD+AyxArAIVJ9bayZbScKEang5V2pL:uBjGW5I46QXMmAIX1tanUV2pL

    Score
    7/10
    persistencespywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks