Overview

overview

7

Static

static

3

3199fb40dc...18.exe

windows7-x64

7

3199fb40dc...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    3199fb40dc14e9ac23eb210d8d2a477d_JaffaCakes118

  • Size

    784KB

  • Sample

    240709-xrktns1hng

  • MD5

    3199fb40dc14e9ac23eb210d8d2a477d

  • SHA1

    f4a014be6f6b0d5a3245d3abf901f969fe59c3e8

  • SHA256

    7524a50ad03aed44d4da40c9d5dad96e03cd2ecb4bedf14cc5cc000288e6c124

  • SHA512

    cf4dfea2c3e214eff9308dd8fe1c82a22033c3bbc7eb51237abf1f703eebf491bc1b84569487a6a9af974c3cec9823a0462dd8e81de36bae75f074af129b9526

  • SSDEEP

    12288:u/Nx7rhrXuz/dL8wm27NdNdA0r5Gh0IgOwPIpyLhuw8QsTwpVBCg:cr2/lvrLHr5rIgTIpuhEDTwpLf

Score
7/10
collectionpersistencespywarestealer

Malware Config

Targets

    • Target

      3199fb40dc14e9ac23eb210d8d2a477d_JaffaCakes118

    • Size

      784KB

    • MD5

      3199fb40dc14e9ac23eb210d8d2a477d

    • SHA1

      f4a014be6f6b0d5a3245d3abf901f969fe59c3e8

    • SHA256

      7524a50ad03aed44d4da40c9d5dad96e03cd2ecb4bedf14cc5cc000288e6c124

    • SHA512

      cf4dfea2c3e214eff9308dd8fe1c82a22033c3bbc7eb51237abf1f703eebf491bc1b84569487a6a9af974c3cec9823a0462dd8e81de36bae75f074af129b9526

    • SSDEEP

      12288:u/Nx7rhrXuz/dL8wm27NdNdA0r5Gh0IgOwPIpyLhuw8QsTwpVBCg:cr2/lvrLHr5rIgTIpuhEDTwpLf

    Score
    7/10
    collectionpersistencespywarestealer

    • Loads dropped DLL

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Modifies WinLogon

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks