Overview

overview

7

Static

static

3

8e10163f9a...18.exe

windows7-x64

7

8e10163f9a...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8e10163f9ada9da7502d64fe844e9ad5_JaffaCakes118

  • Size

    142KB

  • Sample

    240812-kllskatcjj

  • MD5

    8e10163f9ada9da7502d64fe844e9ad5

  • SHA1

    1cb8f13f77852a35da62f5d3c8052fb0448694c6

  • SHA256

    9eb0c24c703bc4cca009447351b036bc609bced72a80b781699277e6f7515ddd

  • SHA512

    6d3bf6b9613b6993660fd5458c0cfbd8160094be970aab4756b2fcb46ba997b63a6425b64c72c60f3dc8349f2b2cee0a01a87fb9ca9548fec11fc373c3cc1f26

  • SSDEEP

    3072:Z4elsUeaEXW6BQZv6NSgapKbDsnplerDRBjZqMNqd:ZpyrZdBQZvGakbHxvq

Score
7/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      8e10163f9ada9da7502d64fe844e9ad5_JaffaCakes118

    • Size

      142KB

    • MD5

      8e10163f9ada9da7502d64fe844e9ad5

    • SHA1

      1cb8f13f77852a35da62f5d3c8052fb0448694c6

    • SHA256

      9eb0c24c703bc4cca009447351b036bc609bced72a80b781699277e6f7515ddd

    • SHA512

      6d3bf6b9613b6993660fd5458c0cfbd8160094be970aab4756b2fcb46ba997b63a6425b64c72c60f3dc8349f2b2cee0a01a87fb9ca9548fec11fc373c3cc1f26

    • SSDEEP

      3072:Z4elsUeaEXW6BQZv6NSgapKbDsnplerDRBjZqMNqd:ZpyrZdBQZvGakbHxvq

    Score
    7/10
    discoverypersistencespywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks