General

  • Target

    145933230e33ef7aa37fc39264ac5b64_JaffaCakes118

  • Size

    8.4MB

  • Sample

    240627-cwxzks1blq

  • MD5

    145933230e33ef7aa37fc39264ac5b64

  • SHA1

    5c0aa711fc982ba1fc51f8dfac8ffe81010000ec

  • SHA256

    bd285ad248294d84f883d78dcf714726af9caaaea82d868776029cec96079500

  • SHA512

    50f301d7ef15fc1dd1ba72069cd3d2a59cf95b4ac937d9d058f1b4370ae45e9d9784849657a2c855ff2f9b06ae3a69a6c93fa0d946680f1ec41d58de8c8df5b8

  • SSDEEP

    196608:KKWzrMFNP1SuVNSAJ9onJ5hrZEnhbJMFjhkTLZYilId8fcCUlmA:cY3P1HfJ9c5hlEnhyFeTLZYL8S

Malware Config

Targets

    • Target

      145933230e33ef7aa37fc39264ac5b64_JaffaCakes118

    • Size

      8.4MB

    • MD5

      145933230e33ef7aa37fc39264ac5b64

    • SHA1

      5c0aa711fc982ba1fc51f8dfac8ffe81010000ec

    • SHA256

      bd285ad248294d84f883d78dcf714726af9caaaea82d868776029cec96079500

    • SHA512

      50f301d7ef15fc1dd1ba72069cd3d2a59cf95b4ac937d9d058f1b4370ae45e9d9784849657a2c855ff2f9b06ae3a69a6c93fa0d946680f1ec41d58de8c8df5b8

    • SSDEEP

      196608:KKWzrMFNP1SuVNSAJ9onJ5hrZEnhbJMFjhkTLZYilId8fcCUlmA:cY3P1HfJ9c5hlEnhyFeTLZYL8S

    Score
    7/10
    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Legitimate hosting services abused for malware hosting/C2

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

MITRE ATT&CK Enterprise v15

Tasks