General

  • Target

    11131f202774ce5c79a57b5a28962d67_JaffaCakes118

  • Size

    6.9MB

  • Sample

    240626-hjlcxatdnl

  • MD5

    11131f202774ce5c79a57b5a28962d67

  • SHA1

    ce20c44e484dfa8cc447a1dc18a4a1b4426af2c1

  • SHA256

    695d996f98142c41b46d394265219f2cfc7486e48966825bb572c6c7ab5f653f

  • SHA512

    1a85ebf96ec55647b973af432e5a55d998115de72237a4ebdc2863421e75adf891513e534ef8a1ed43c723391b53c9bee567e7ab8856a653e8f6725d7a57339c

  • SSDEEP

    196608:tuC2QzF9onJ5hrZERMB2WZufOuD9LoEbPLKyPVqMCq5hqQcr:xp9c5hlERo2WmfDZnDuMqMCghlg

Malware Config

Targets

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks