General

  • Target

    dc12df8dbe0c7165ed620933bc343a97_JaffaCakes118

  • Size

    320KB

  • Sample

    240912-jbbdeaybkc

  • MD5

    dc12df8dbe0c7165ed620933bc343a97

  • SHA1

    5da83bc5c013c107ef648eb560f17f08fb416d16

  • SHA256

    269c1b4bd1ba6d520b0e8da5177e03f4474c85a452563c777d43fd06225f51bd

  • SHA512

    4b679a53bddb91d50e43c736f44dabf4d1c6986943751b32cc43daf99b8d6ba28b8bbc102c271d25f6ba62fcaea5d64156cc3e4c254491038649548582d3898a

  • SSDEEP

    6144:I4lRkAehaKuqT+FDlpmrpad7P52JW4Vj3OeH2GgN72RoODr:IkWAehJuqT6pmtadD5qVj3YOV/

Targets

    • Target

      dc12df8dbe0c7165ed620933bc343a97_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Adds Run key to start application
