General

  • Target

    04fd1f3a4fa0c7d3598c5de98046777c_JaffaCakes118

  • Size

    315KB

  • Sample

    240623-dfghbsxcng

  • MD5

    04fd1f3a4fa0c7d3598c5de98046777c

  • SHA1

    c08308837ddfefb8f335beedf9b0cbdd613e2d4c

  • SHA256

    a2153d576fe96ef13c1480a163f5c3f7da319b1ae07cc9be21131398aea9fb08

  • SHA512

    44f138d81d518670684f1566713ca898a9a2aa8562ed462bb6de999a9892c4adef56e83169ff055cd0be000ce1db8817f2512f577e0c4d808f6792f1c43f970f

  • SSDEEP

    6144:fO2vq6gyy4SwNKV7a1oQDtLdMGiqB+Y1rdQAzhhzwRm5AyitoIYfdjEXvjUTRBOr:22vq2ybwNKcxxhMs0KdfzbOLeIYhEYOr

Targets

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
