General

  • Target

    08bcd418aeb3d497538fd90d77b1a748_JaffaCakes118

  • Size

    211KB

  • Sample

    240624-qjgnqaxekp

  • MD5

    08bcd418aeb3d497538fd90d77b1a748

  • SHA1

    4e357e4b803fa5aca6df682fddb3664d5fe1fa7e

  • SHA256

    31aabd84716f6d792dec4dadf15675e94b79e6673bda4e39a1a21e43f5fdbd63

  • SHA512

    640350e132f794c76d71011e819bb8b4785a059be396ef330676c5f5b3914c9c57b02936f9f22653325bb14894d698c49204924ba4af38adde1b4d3b7ed88277

  • SSDEEP

    3072:0MnRoDWThRG0Jw0tqS+53QhMuQOnxXpExCtHXL7FT2s6hPpJqQmUjixwXg9FClZ:0MBTzqv3O9pExCtdt6hPbYoixww9FuZ

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
