Overview

overview

10

Static

static

3

0fd09d15f4...18.exe

windows7-x64

10

0fd09d15f4...18.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    0fd09d15f432d8719377f11bcf667c3e_JaffaCakes118

  • Size

    36KB

  • Sample

    240625-2rnyjs1bqp

  • MD5

    0fd09d15f432d8719377f11bcf667c3e

  • SHA1

    a22378315819b476d611e444252c9b268394e191

  • SHA256

    0e75d923716f59b4e5b2bcb249031a4cc7628f0f64ae1b9b73eeb00854a20de1

  • SHA512

    13b34ee2c9ecd706a94e40c65427170ffaad72b9cea28d9bcd40057bdedd5e519ea29699ba8a1af9d198c57d0242f9c6074210bab9ea431ea4022a368a487d0e

  • SSDEEP

    384:hI2jvAYjQj4MvyKJM5yqohTsE8/wA7q2pyqcpwxuzTa/SWQrGC0+ZN5j:hdjojvyKJdAEp4q2pyRpwgf2HC0mN5

Score
10/10
persistencespywarestealer

Malware Config

Targets

    • Target

      0fd09d15f432d8719377f11bcf667c3e_JaffaCakes118

    • Size

      36KB

    • MD5

      0fd09d15f432d8719377f11bcf667c3e

    • SHA1

      a22378315819b476d611e444252c9b268394e191

    • SHA256

      0e75d923716f59b4e5b2bcb249031a4cc7628f0f64ae1b9b73eeb00854a20de1

    • SHA512

      13b34ee2c9ecd706a94e40c65427170ffaad72b9cea28d9bcd40057bdedd5e519ea29699ba8a1af9d198c57d0242f9c6074210bab9ea431ea4022a368a487d0e

    • SSDEEP

      384:hI2jvAYjQj4MvyKJM5yqohTsE8/wA7q2pyqcpwxuzTa/SWQrGC0+ZN5j:hdjojvyKJdAEp4q2pyRpwgf2HC0mN5

    Score
    10/10
    persistencespywarestealer

    • Modifies WinLogon for persistence

      persistence

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks