General

  • Target

    5a165c7d791eb039603854d9a7fefcca_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240729-xp378svdnj

  • MD5

    5a165c7d791eb039603854d9a7fefcca

  • SHA1

    b47cbbef36f0f56c48612f3033e2a039ed1c9297

  • SHA256

    cec32706a7a76daa87ce84e365bbcd42d277f47cae98b60fdc1c0eae2cb30983

  • SHA512

    559dd55734420caf1495014740b8ebbab78edb9f62c6d1583e26c0166da69cbe622408c1b9e8e5a26944112870d70ab3d982f116845f64ae90e8782246698b00

  • SSDEEP

    24576:YyBYrjP6+mBfD5Tyou/bkeildtibxz0NfO64deBZMp:miZ5TyoCb8l/ibWpO6fvMp

Targets

    • MassLogger

      MassLogger is a .NET stealer targeting passwords from browsers, email and cryptocurrency clients.

    • MassLogger Main payload

    • Deletes itself

    • Indicator Removal: File Deletion

      Adversaries may delete files left behind by the actions of their intrusion activity.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15