General

  • Target

    0281978e3d671c24d6b1087cca84a814_JaffaCakes118

  • Size

    315KB

  • Sample

    240622-rbwy4svdpp

  • MD5

    0281978e3d671c24d6b1087cca84a814

  • SHA1

    982e973527e0127d993484d6f2fe8d3d29eacb77

  • SHA256

    65fadedbdc221483b098b64c8b3f20e974b8cf2b8b900ad55bbde59406a4604f

  • SHA512

    9ded117c5fae619fb3d09a26320ff7cf988d3171ee5785e8f891a028be2b6b98fca9cbb84d16055b1d05b789f80745915487fd382adfbba23bac077a90b3307b

  • SSDEEP

    6144:91OgDPdkBAFZWjadD4sc4UkHLTYpclm4OXJhtXpsqvHkleZ:91OgLdacU7wgDtZTE8

Malware Config

Targets

    • Target

      0281978e3d671c24d6b1087cca84a814_JaffaCakes118

    • Size

      315KB

    • MD5

      0281978e3d671c24d6b1087cca84a814

    • SHA1

      982e973527e0127d993484d6f2fe8d3d29eacb77

    • SHA256

      65fadedbdc221483b098b64c8b3f20e974b8cf2b8b900ad55bbde59406a4604f

    • SHA512

      9ded117c5fae619fb3d09a26320ff7cf988d3171ee5785e8f891a028be2b6b98fca9cbb84d16055b1d05b789f80745915487fd382adfbba23bac077a90b3307b

    • SSDEEP

      6144:91OgDPdkBAFZWjadD4sc4UkHLTYpclm4OXJhtXpsqvHkleZ:91OgLdacU7wgDtZTE8

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks