General

  • Target

    89e5bfc54abd5717369424d74979f764_JaffaCakes118

  • Size

    96KB

  • Sample

    240811-lref4syckf

  • MD5

    89e5bfc54abd5717369424d74979f764

  • SHA1

    8296ed2c54b0d2c38c6b2f7bab3bcb3540808078

  • SHA256

    d1a572b5ec53459c74037434f7ea3704612a78b86fa9c22ffae9f175993db30d

  • SHA512

    e89b04abaf866387536d4aa1aeb2b2d994f70ef4461a961dd139001c7a908eb83d713938022d379d64dd27ae05d68fff81d88cd527fb354b6c409f0eb82aefef

  • SSDEEP

    3072:j6vnscG5V6ucF0TRFuLz/LcdGNbzfh0oQgJzTtgq0XmZTRQoeE7V:jkjcRFuLz/LcdGNbzfh0oQgJzTtgq0XY
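
Before acting on anything this report says, confirm that the file on disk is the one these digests describe. The script below is an added example, not part of the report and not the sandbox's own tooling: it streams a file through all four hashers in one pass and reports every digest that differs from the values copied from the General section above. The SSDEEP fuzzy hash is not checked here because it needs the separate ssdeep bindings; MD5 and SHA1 are included only because the report lists them, and SHA256 is the value to key on.

```python
import hashlib
import sys

# Digests copied from the report's General section for
# 89e5bfc54abd5717369424d74979f764_JaffaCakes118.
REPORT_HASHES = {
    "md5": "89e5bfc54abd5717369424d74979f764",
    "sha1": "8296ed2c54b0d2c38c6b2f7bab3bcb3540808078",
    "sha256": "d1a572b5ec53459c74037434f7ea3704612a78b86fa9c22ffae9f175993db30d",
    "sha512": "e89b04abaf866387536d4aa1aeb2b2d994f70ef4461a961dd139001c7a908eb83d713938022d379d64dd27ae05d68fff81d88cd527fb354b6c409f0eb82aefef",
}


def compute_hashes(data: bytes) -> dict:
    """Hash an in-memory blob with every algorithm the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in REPORT_HASHES}


def hash_file(path: str, chunk_size: int = 1 << 20) -> dict:
    """Stream a file through all four hashers at once (a single read pass)."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify_sample(actual: dict, expected: dict = REPORT_HASHES) -> list:
    """Return (algorithm, expected, actual) for every digest that differs.

    An empty list means the bytes are the file the report describes. Any
    single mismatch is disqualifying: a file whose MD5 matches but whose
    SHA256 does not is a different file (MD5 collisions are practical)."""
    return [(name, expected[name].lower(), actual[name])
            for name in expected if actual[name] != expected[name].lower()]


def main(argv):
    if len(argv) != 2:
        print(f"usage: {argv[0]} <sample-file>")
        return 2
    mismatches = verify_sample(hash_file(argv[1]))
    if not mismatches:
        print("OK: file matches all four digests in the report")
        return 0
    for name, exp, got in mismatches:
        print(f"MISMATCH {name}: report={exp} file={got}")
    return 1


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it as `python verify.py <sample-file>`; a non-zero exit means at least one digest differs and the report does not apply to that file.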

Malware Config

Targets

    • Target

      89e5bfc54abd5717369424d74979f764_JaffaCakes118

    • Size

      96KB

    • MD5

      89e5bfc54abd5717369424d74979f764

    • SHA1

      8296ed2c54b0d2c38c6b2f7bab3bcb3540808078

    • SHA256

      d1a572b5ec53459c74037434f7ea3704612a78b86fa9c22ffae9f175993db30d

    • SHA512

      e89b04abaf866387536d4aa1aeb2b2d994f70ef4461a961dd139001c7a908eb83d713938022d379d64dd27ae05d68fff81d88cd527fb354b6c409f0eb82aefef

    • SSDEEP

      3072:j6vnscG5V6ucF0TRFuLz/LcdGNbzfh0oQgJzTtgq0XmZTRQoeE7V:jkjcRFuLz/LcdGNbzfh0oQgJzTtgq0XY

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data, which can include saved credentials and other sensitive data.

    • Adds Run key to start application

      Creates a value under a Registry Run key so the program is started again at logon, a common persistence technique.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
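
The "Adds Run key" and "Drops file in System32" signatures together describe a drop-then-persist pattern: a file is written into System32 and a Run value is added to start it at logon. The script below is an added example for hunting that pattern on endpoints; it is not part of the report and not the sandbox's own tooling. It parses Run values (quoted paths, rundll32/regsvr32-style stubs, switches), resolves the file each value ultimately starts, and flags entries whose target lives in System32 and was created recently or is reached through a launcher stub. The 30-day window, the launcher list and the hypothetical sample entries are assumptions for illustration; the Windows-only registry walk is isolated in collect_run_entries so the parsing and scoring run anywhere.

```python
import ntpath
import os
import re
import time
from dataclasses import dataclass

# Autostart locations behind the "Adds Run key" signature. This is a
# hypothetical hunt script, not tooling from the report.
RUN_KEYS = [r"Software\Microsoft\Windows\CurrentVersion\Run",
            r"Software\Microsoft\Windows\CurrentVersion\RunOnce",
            r"Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run"]
# Built-in stubs a Run value may use to start the real payload (assumed list).
LAUNCHERS = {"rundll32.exe", "regsvr32.exe", "cmd.exe", "powershell.exe",
             "pwsh.exe", "mshta.exe", "wscript.exe", "cscript.exe"}
SYSTEM32 = "c:\\windows\\system32\\"

@dataclass
class RunEntry:
    hive: str      # "HKCU" or "HKLM"
    key: str       # registry path below the hive
    name: str      # value name
    command: str   # value data: the command line Windows runs at logon

def _first_token(s):
    """Split off the first command-line token, honouring double quotes."""
    s = s.lstrip()
    if not s:
        return "", ""
    if s[0] == '"':
        end = s.find('"', 1)
        return (s[1:], "") if end == -1 else (s[1:end], s[end + 1:])
    m = re.match(r"\S+", s)
    return m.group(0), s[m.end():]

def resolve_target(command):
    """Return (file the value ultimately starts, list of hops to reach it).
    Switches such as /c or -File are skipped; 'cmd /c start ...' stops at 'start'."""
    exe, rest = _first_token(command)
    hops = [exe]
    while ntpath.basename(exe).lower() in LAUNCHERS and rest.strip():
        nxt, rest = _first_token(rest)
        while nxt.startswith(("/", "-")) and rest.strip():
            nxt, rest = _first_token(rest)
        if not nxt or nxt.startswith(("/", "-")):
            break
        exe = nxt.split(",", 1)[0]   # drop rundll32's ",EntryPoint" suffix
        hops.append(exe)
    return exe, hops

def normalize_path(path):
    """Expand %SystemRoot%/%windir%, normalise separators and case."""
    p = re.sub(r"%(systemroot|windir)%", lambda _: r"C:\Windows", path.strip(), flags=re.I)
    return ntpath.normpath(p.replace("/", "\\")).lower()

def assess(entry, created, now=None, window_days=30):
    """Score one entry; `created` is the target's creation time (None if missing).
    The 30-day window for "freshly dropped" is an assumed threshold."""
    now = time.time() if now is None else now
    target, hops = resolve_target(entry.command)
    norm = normalize_path(target)
    in_system32 = norm.startswith(SYSTEM32)
    via_launcher = len(hops) > 1
    recent = created is not None and (now - created) < window_days * 86400
    return {"hive": entry.hive, "name": entry.name, "target": norm,
            "in_system32": in_system32, "via_launcher": via_launcher,
            "recent_file": recent, "missing_file": created is None,
            # Long-standing System32 autostarts (SecurityHealthSystray, ctfmon)
            # are normal; a newly created one, or one reached through a launcher
            # stub, is what the two signatures together describe.
            "suspicious": in_system32 and (recent or via_launcher)}

def collect_run_entries():
    """Windows only: read Run/RunOnce values from HKCU and HKLM."""
    import winreg  # imported lazily so the parsing above also runs off Windows
    entries = []
    for hive_name, hive in (("HKCU", winreg.HKEY_CURRENT_USER),
                            ("HKLM", winreg.HKEY_LOCAL_MACHINE)):
        for key in RUN_KEYS:
            try:
                with winreg.OpenKey(hive, key) as k:
                    for i in range(winreg.QueryInfoKey(k)[1]):   # number of values
                        name, data, _ = winreg.EnumValue(k, i)
                        entries.append(RunEntry(hive_name, key, name, str(data)))
            except OSError:
                continue   # key absent on this host
    return entries

def hunt(entries):
    """Assess every entry with real file creation times; return the flagged ones."""
    flagged = []
    for e in entries:
        path = normalize_path(resolve_target(e.command)[0])
        created = os.path.getctime(path) if os.path.exists(path) else None
        result = assess(e, created)
        if result["suspicious"]:
            flagged.append(result)
    return flagged

if __name__ == "__main__":
    for f in hunt(collect_run_entries()):
        print(f"{f['hive']} {f['name']!r} -> {f['target']} "
              f"(recent={f['recent_file']}, launcher={f['via_launcher']})")
```

Run it on a Windows host as the user being examined (HKCU) and elevated for the machine-wide keys; anything it flags still needs the file checked against the report's hashes, since a freshly patched Windows component can also satisfy the "recent" test.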

MITRE ATT&CK Enterprise v15

Tasks