General
-
Target
e0b74946540bf2e04b9f2304d62e3e66_JaffaCakes118
-
Size
332KB
-
Sample
240914-wgw9aaxdqa
-
MD5
e0b74946540bf2e04b9f2304d62e3e66
-
SHA1
848a3997971e96eb8e907abedfeed557af6aa13b
-
SHA256
0fbd3362db586a5b206c4716aaf34efb2cab8776e3cfdd9bc1a3721c756fbf60
-
SHA512
ec9b2348d6a5c4f88a71b25e06cae2c3261a1f9acc959079a8c435917620d3029f047af508c1d68af2e6df2a7f603fb762330adda0a4e196ac9d7be5610bba4c
-
SSDEEP
6144:/2YsWosYgvDx0EVnA3votIvPmZwQ3HDG5rNXlJuBq/v/QZOIWLTXzT:vpYgDBVA/C4GwIHDmlJuBGQZO7Lz
Malware Config
Targets
-
-
Target
e0b74946540bf2e04b9f2304d62e3e66_JaffaCakes118
-
Size
332KB
-
MD5
e0b74946540bf2e04b9f2304d62e3e66
-
SHA1
848a3997971e96eb8e907abedfeed557af6aa13b
-
SHA256
0fbd3362db586a5b206c4716aaf34efb2cab8776e3cfdd9bc1a3721c756fbf60
-
SHA512
ec9b2348d6a5c4f88a71b25e06cae2c3261a1f9acc959079a8c435917620d3029f047af508c1d68af2e6df2a7f603fb762330adda0a4e196ac9d7be5610bba4c
-
SSDEEP
6144:/2YsWosYgvDx0EVnA3votIvPmZwQ3HDG5rNXlJuBq/v/QZOIWLTXzT:vpYgDBVA/C4GwIHDmlJuBGQZO7Lz
Score8/10-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Disables taskbar notifications via registry modification
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Modifies system executable filetype association
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1Privilege Escalation
Boot or Logon Autostart Execution
2Active Setup
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Change Default File Association
1