General

  • Target

    0172a9e7a6ca11fa0f728531d2284f70_JaffaCakes118

  • Size

    209KB

  • Sample

    240622-fxfy8szcpa

  • MD5

    0172a9e7a6ca11fa0f728531d2284f70

  • SHA1

    ce69627e299cf2e351c7a85a4831b67f62292c62

  • SHA256

    c59a3f8092b2338dbb68cc4598ca26ac315318605929483409ab903cb1a29e72

  • SHA512

    a3abb231ddc1400c18fb200e7aa3d15fe24ac42b0b652e2178bbffcdb91500d64b2d530391692eaac191a46b1970c5540c43a4425e7ac0013634936380688538

  • SSDEEP

    6144:9Fm9graNe2yn/cVflONux/9vrGpQezUx1:9Fnrj2yn/cVflONuN9vrYQezUx1

Targets

    • Target

      0172a9e7a6ca11fa0f728531d2284f70_JaffaCakes118

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15
