General

  • Target

    a895e7177151d7d4a57271b3d7d5bd52_JaffaCakes118

  • Size

    74KB

  • Sample

    240614-jl7vcsvbnk

  • MD5

    a895e7177151d7d4a57271b3d7d5bd52

  • SHA1

    a88ae4f62a71d29d05fca53bc1a653760fc969ab

  • SHA256

    ebae96656834eb2f76989ac5a2b82bf176883314cf47c9e42ce410b98e6e842f

  • SHA512

    e892fe1a412a274b516505aad822adfbf8f4ba7bacdf4716e28e0adc61971e57b49f9b886050999db15ccbff581464907aa5801549a4d9a19d85665a7615a80d

  • SSDEEP

    1536:/iRLMw554Dw4SaFJ3kw3bH6W0rtdB8JruBYHvchlu18D:igARa33kw3bH6W0RzI6BYHOld

Targets

    • Target

      a895e7177151d7d4a57271b3d7d5bd52_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Adds Run key to start application
