General

  • Target

    8b4b919616fe2147d682bf72be22702a_JaffaCakes118

  • Size

    3.4MB

  • Sample

    240811-v2ts8azaqp

  • MD5

    8b4b919616fe2147d682bf72be22702a

  • SHA1

    73f7d942ae6816b24e150573a0a707869296a01d

  • SHA256

    d3d1f9bb9c14e22d9b2ef3be231007f410712151df0b20d778a68b747131bd06

  • SHA512

    268bb299838d4a40f760206a30458db9c131b5489cf454ab48ef36e817cfa82f8a4be5d173e7193e55d1b9717027eb404dbbb4a93ce9d13042903fc0610e7597

  • SSDEEP

    49152:ND2dnYR2i7zAJDbai+0zq7xEVSDWcesbzCw/Qa1/AM/aD2dnYR2i7zAJDbaO:52i7zu+/bzCfcA6g2i7zy

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks