General

  • Target

    d688a340441d370588dd0faf0c528976_JaffaCakes118

  • Size

    406KB

  • Sample

    240909-r5mmjatdmk

  • MD5

    d688a340441d370588dd0faf0c528976

  • SHA1

    3d5f6ab68517fcb4bf29daea374062cdc1089edf

  • SHA256

    fd3930ade2ad5f3d7ce6d0a89cfb934e07c18090679904dcb068d790c559170d

  • SHA512

    b6e1d230affd24ad95623a87443a07fe37a1beb7386c5514a45bfbf0294da38b63c6d06336739c3c9e0537d3a8b350a65f75c0017ee8c27e65742055aa750fb5

  • SSDEEP

    12288:itxqBTfXKy/TNxDvb3NbIsnlpRkIg8jZMkIqWM1E56:exW/ZTLrrJkKMdqWMi56

Malware Config

Targets

    • Target

      d688a340441d370588dd0faf0c528976_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive user data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks