General

  • Target

    02a3ac6f9cef56c354be8207b9ec347f_JaffaCakes118

  • Size

    4.2MB

  • Sample

    240620-ek9v4sxfne

  • MD5

    02a3ac6f9cef56c354be8207b9ec347f

  • SHA1

    0db68a8efb682f75a6ef53b28d9c4857b47e1cbd

  • SHA256

    e388f211b7773443e09862bfbf2e4cd896e304ecfc0bafa73abeb646b1862baa

  • SHA512

    c57a73691c8c36cbcba01861d28d0c917de6ca2e74098a5faab5b6611dc56d1ceea7179bc6c66238d4c3c780ab3faf770354abc892bb086c495c6473625b7885

  • SSDEEP

    98304:BuukenKgDDMV5wFRC8RtUC2fVGM4c2f8XQQdNH76XesDGz43cm0M0dUg0a:Buuk+KjV5uRCStpSVd4c2f8gal6Xj2Xt

Malware Config

Targets

    • Target

      02a3ac6f9cef56c354be8207b9ec347f_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks