Overview

overview

7

Static

static

3

01da11af14...18.exe

windows7-x64

7

01da11af14...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    01da11af147e177e4f31d2a0d9340d6b_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240727-2wpqmsshjk

  • MD5

    01da11af147e177e4f31d2a0d9340d6b

  • SHA1

    9651128b34b68e9f92fb323462e362685eebe88b

  • SHA256

    39b8c7b31465e114eb44376a27ac402918d9ba6db01700bded61b0d88af63244

  • SHA512

    73a012ad467c90763b11c84df123022212f242f5f75600d5d796445bb8571b6a0b16d25c4dc11fe8d8d210f178bdab5a9ffc4f7a6997b0f491958ab7e08a1ba6

  • SSDEEP

    24576:2WCr2SLlnnb8SJfa4cn3DpvawhQ8MoPoE8IiQiThV2FBRXtGNoeVb7ZKh4WZM:zCrlnLJfE3nQ8LgjQ40BRXtGNosvZ7kM

Score
7/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      01da11af147e177e4f31d2a0d9340d6b_JaffaCakes118

    • Size

      1.2MB

    • MD5

      01da11af147e177e4f31d2a0d9340d6b

    • SHA1

      9651128b34b68e9f92fb323462e362685eebe88b

    • SHA256

      39b8c7b31465e114eb44376a27ac402918d9ba6db01700bded61b0d88af63244

    • SHA512

      73a012ad467c90763b11c84df123022212f242f5f75600d5d796445bb8571b6a0b16d25c4dc11fe8d8d210f178bdab5a9ffc4f7a6997b0f491958ab7e08a1ba6

    • SSDEEP

      24576:2WCr2SLlnnb8SJfa4cn3DpvawhQ8MoPoE8IiQiThV2FBRXtGNoeVb7ZKh4WZM:zCrlnLJfE3nQ8LgjQ40BRXtGNosvZ7kM

    Score
    7/10
    discoverypersistencespywarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks