Overview

overview

8

Static

static

3

d6324c750c...18.exe

windows7-x64

8

d6324c750c...18.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d6324c750c0ca4758c846c1aee0675d0_JaffaCakes118

  • Size

    335KB

  • Sample

    240909-navswaxckd

  • MD5

    d6324c750c0ca4758c846c1aee0675d0

  • SHA1

    e82504cb42d72ff2b7d189cd28f62949114b594d

  • SHA256

    c17f010656dbf21b956d8569a764f9288fd14904ef6461065cee71fa47378e97

  • SHA512

    8de5ba46fe4efb7764eb6fc89ad7227289b2d77893d1942c65b57b821bee4d808d8294fc2a334fc240cfc4a620cd7cb53a1e4712cee1ddf8468828272192303e

  • SSDEEP

    6144:ZPhaCEHpMGljt/RYkogFxbmY7il718BBF283NP4Fl/q:ZhaCEJNB7YNQbkWBBFZP4D/q

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      d6324c750c0ca4758c846c1aee0675d0_JaffaCakes118

    • Size

      335KB

    • MD5

      d6324c750c0ca4758c846c1aee0675d0

    • SHA1

      e82504cb42d72ff2b7d189cd28f62949114b594d

    • SHA256

      c17f010656dbf21b956d8569a764f9288fd14904ef6461065cee71fa47378e97

    • SHA512

      8de5ba46fe4efb7764eb6fc89ad7227289b2d77893d1942c65b57b821bee4d808d8294fc2a334fc240cfc4a620cd7cb53a1e4712cee1ddf8468828272192303e

    • SSDEEP

      6144:ZPhaCEHpMGljt/RYkogFxbmY7il718BBF283NP4Fl/q:ZhaCEJNB7YNQbkWBBFZP4D/q

    Score
    8/10
    discoveryspywarestealer

    • Drops file in Drivers directory

    • Manipulates Digital Signatures

      Attackers can apply techniques such as modifying certain DLL exports to make their binary seem valid.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops desktop.ini file(s)

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks