General

  • Target

    10e7cc8a58bfbf0cf1e1d62188629169_JaffaCakes118

  • Size

    6.6MB

  • Sample

    240626-gddkfaxhqe

  • MD5

    10e7cc8a58bfbf0cf1e1d62188629169

  • SHA1

    93fbe6c9dbd0e1584b1081e9811271fb839c7ffa

  • SHA256

    c4e25e418fcd2799b405484b81611446ef3c85752d4ffec073d92d116b75f841

  • SHA512

    e03e8af55dfc3d7a68625614935cd9f5acfe9cf3a74e558938255ff8c1e423ef9dd968cfbe8b3b09035d5610fb219d05d5edd161f8c1d8b5b0034b4fb489e30d

  • SSDEEP

    196608:8C+gp1DM9onJ5hrZER9xQ3jo4UR7+quBb3:jpNM9c5hlER9xA2RSXB

Malware Config

Targets

    • Target

      10e7cc8a58bfbf0cf1e1d62188629169_JaffaCakes118

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks