General

  • Target

    a01e0b6a7310f6bf8650fe27bb95cbb0_JaffaCakes118

  • Size

    652KB

  • Sample

    240816-11c2zazeld

  • MD5

    a01e0b6a7310f6bf8650fe27bb95cbb0

  • SHA1

    11706a10d05741c5c8b1867a780d62607ba937c1

  • SHA256

    955ee9e8ae787f2d0c8941540f13c1fe4b3ef1f6206dc395201e1b26ef2fff05

  • SHA512

    a82c548e3671d97a05f61b5697a757014efa910875e316069d9c7f73354c0d3c762482c798a5667208ae17ff7c6330239096c9271e473eb6266f9109ab1ee8cc

  • SSDEEP

    12288:zTOcCf6y+YY9/y/MAIjBWg8coyQi+HC1HBxOmSWAyIP3yP/OO3z1dmaienpnm6:zTOp2YY9/5jBWP/yvcZmHA93y+k1dmV

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

MITRE ATT&CK Enterprise v15

Tasks