General

  • Target

    c81ad8df886df3fd8d31063a3b46e434_JaffaCakes118

  • Size

    2.9MB

  • Sample

    240829-dbqv7szfph

  • MD5

    c81ad8df886df3fd8d31063a3b46e434

  • SHA1

    2323b858cce4161662030b1fcf247154a3332d65

  • SHA256

    de383d620704e530a8375619c5540c10821db5ecb25d65b48ef55864e1a575d5

  • SHA512

    7c6b3473e08a4de9cb671ec90351875e5a5841681ce903a84b0d9d11c9057dc97d7662a1c5f8ac73c0c23f5bd8e89e8eb598a3a902852552bed15690a1a560d8

  • SSDEEP

    49152:JnE3z3yTIS3hYB7WCKT8Q1Gr23U59aCvFe65bsZVKlTGt2xD1Y1RjIy/kbt//rWa:hETyTf3hYUJT8sr3UHXFGVKCUD1SIy/E

Malware Config

Targets

    • Target

      GetInfo.exe

    • Size

      853KB

    • MD5

      0a9ce3402fbb81d4753bbde8287687eb

    • SHA1

      9543582aa9d73f79542f6795e14bbdb38b285cc1

    • SHA256

      9c08153466efff98e4a406ecc807120c8ef37f996c2477fdbf45372346bbbb6d

    • SHA512

      5fec363ac4bc3281c4b43d8486838ab730b846173e3d06d87adfc26e66f9e135e05f0af7e9e1e329426855ac5f2d6f2fc121df952f170ef2370a05544e3889be

    • SSDEEP

      12288:hLKI9hOPYtNE6r+KwXHwW2uiVCMX+0WRkSC5JA3rs35nshWWT7MEPX:hLKIIBiUAW2uiVBXYk/A7s3ER

    • Score

      3/10

    • Target

      IDBLK_TIMING.dll

    • Size

      3.2MB

    • MD5

      9f435a7fc8c0f480038f13e7f9c08bfe

    • SHA1

      3ebf72b929020c0b66fa21ade8dbfde28dd0c4f4

    • SHA256

      9deb35f7d378d05a95b6cf8fd03bb5dda1b3bc321604cac2bb79626872f3ae89

    • SHA512

      5b2e21d6a495cde88aa1e1819a65148107e8ca68e07bb1cbd1a7f7b9f6381a6ca105be5a8686bf8931c62a476aea2da06fbce7cd1aef6330c222e5fd6105de30

    • SSDEEP

      24576:brGPgNJgDoGFCv0wCNpAI3OZ0L1Bi1mZTxwr:Y

    • Score

      3/10

    • Target

      MPALL_F1_EC00_v363_0D.exe

    • Size

      2.0MB

    • MD5

      035254b6d72c5ca8fbc429f7ada9b35a

    • SHA1

      41beb7620a9f97dd1cae11f54bfe1c463a40ab02

    • SHA256

      e1c240ec6e3e830c3faab7d1da32512d1f79cf9df14b7f012a446e28f3d5b5cd

    • SHA512

      099d0d86989434f87b52b312cb779539d2eeb9253d9932cecae98a842b0f738686f31eae89dfb07df39974305716eb348660e51a0db7cb7086ccd5eda8d700e8

    • SSDEEP

      49152:m10+k5MqYJbQqDH/4vBC9rB/O0K4dxoO7:tMqY5QqDHGBC9rxO0RD7

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Drops file in Drivers directory

    • Target

      MPALL_F2_v363_0D.exe

    • Size

      2.0MB

    • MD5

      a7db016538604761b783789753b8a8fd

    • SHA1

      e6e708b04d323f7e79084b290efb21dcb647628f

    • SHA256

      4062dc237b1cdda4f74e506f4d71298ed3b9b2a5a22dd8963fcc95420d1737d6

    • SHA512

      99cceb5d60da573ff18bb638fcefb0df3c4ab76009edb7f15811296395969585ea20ab7f68ba2def98821bbbd64021fc5c8e1a4a1b4f65a8342c21cdfff82712

    • SSDEEP

      49152:lLF8qlqvgeOdaHWelBLBy2yO7O0k2O6O7:JlqvZOdaHVB1ty2O087

    • Detects Strela Stealer payload

    • Strela stealer

      An info stealer targeting mail credentials first seen in late 2022.

    • Drops file in Drivers directory

    • Target

      MPParamEdit_F1.exe

    • Size

      696KB

    • MD5

      55147cb2e22d9b4184bd4f7b33b89892

    • SHA1

      d8d7c87a10a2f56fd18cc43f3a07364435250879

    • SHA256

      9b221212828ac17122ebaa87ae54c745d9c9c2f432245c62bd549b8d5621a83c

    • SHA512

      400b5d3d5a099effbff49300663cc040425cc3f5f1d87ed3cc2e4399ad26ab79c38efbc8f753237501a38145251102b60c868c52be23d9b885b611b6705ee487

    • SSDEEP

      12288:qvBnwZ2dPXLmGI1YDIdTef4ux3RGgfqJgmSPnAV/hLbY0mD+EPpU+:8XCFez9iCmSP8/hLba5D

    • Score

      3/10

    • Target

      MPParamEdit_F2.exe

    • Size

      700KB

    • MD5

      59a380bfaaa12a2138b00233ee3c74cd

    • SHA1

      16ba58c1901a6fdb509cbd1798e289739764538f

    • SHA256

      d5b7f8db9ccc12309ffce3fedd5a52dc5f71fca617f050e8bfd0e40f81b52e95

    • SHA512

      e046bf1199d2915acf24bf9c0b22cb4175febb66b3f254d68d0f14a0cff3b38c778a58a8f8ad88a79048c9c4131973b103454a22eab47c9f0250975659a85f17

    • SSDEEP

      12288:evBnij8TZyjUxnLDMVXXbFES7/VwA8cUCKWgvCgg+9AOYEPpU+:nHxxLHBgvnf7PD

    • Score

      3/10

    • Target

      inpout32.dll

    • Size

      48KB

    • MD5

      99ececb007d9d62941ac0edcdb4c265e

    • SHA1

      eba4d9359ac906809a102695c9cc32be63e40058

    • SHA256

      2a08780ecd3a2c42bebda55d3eec3a69a417312e7a884f89b53aecad729b9af3

    • SHA512

      d9bbb9d63c7fa6327f5edcf142c64da990824a75a5783074cc95c2581378fdb5cef12d65c7e4663eeab15bde90978f4c1704aa0725c69bec4e01a754aff4a8e9

    • SSDEEP

      768:0kKvTva8kE/dkfn3S4P+/+C2n3v8oLeZ9F:0kKvTvaXEmXPqG0oLe

    • Score

      8/10

    • Drops file in Drivers directory

MITRE ATT&CK Enterprise v15

Tasks