Overview

overview

7

Static

static

3

03dcf19a3f...18.exe

windows7-x64

7

03dcf19a3f...18.exe

windows10-2004-x64

7

$TEMP/HTxvid.exe

windows7-x64

7

$TEMP/HTxvid.exe

windows10-2004-x64

3

Uninstall.exe

windows7-x64

7

Uninstall.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    03dcf19a3f28e2ca9b4a0d5fafa67ee6_JaffaCakes118

  • Size

    100KB

  • Sample

    241001-bl7klatdmn

  • MD5

    03dcf19a3f28e2ca9b4a0d5fafa67ee6

  • SHA1

    6c5959c9e86cfabf10549d0f2030884beff04de2

  • SHA256

    19a01dfe0fded4aa14ae198d6771ff259ee50bf1c17cb936f980bf124db2d41b

  • SHA512

    dee1f6ee2c5f68ecd601e753463def541a14cc874c038896e5a5a7f823736cd9d2f8f457d1ef2aef742ba37e0bb4f89478d32d6acb82b2d0ca216e3a5d575fd2

  • SSDEEP

    1536:Wdb/vBxIdFlU0AfLhANuIj7Aw6RKEkLLHwU84ivB3Hd8aDCDU/CO1J8qrg:WnilMfONuXw6RdiHwoUBNWY9g

Score
7/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      03dcf19a3f28e2ca9b4a0d5fafa67ee6_JaffaCakes118

    • Size

      100KB

    • MD5

      03dcf19a3f28e2ca9b4a0d5fafa67ee6

    • SHA1

      6c5959c9e86cfabf10549d0f2030884beff04de2

    • SHA256

      19a01dfe0fded4aa14ae198d6771ff259ee50bf1c17cb936f980bf124db2d41b

    • SHA512

      dee1f6ee2c5f68ecd601e753463def541a14cc874c038896e5a5a7f823736cd9d2f8f457d1ef2aef742ba37e0bb4f89478d32d6acb82b2d0ca216e3a5d575fd2

    • SSDEEP

      1536:Wdb/vBxIdFlU0AfLhANuIj7Aw6RKEkLLHwU84ivB3Hd8aDCDU/CO1J8qrg:WnilMfONuXw6RdiHwoUBNWY9g

    Score
    7/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral1behavioral2

    • Target

      $TEMP/HTxvid.exe

    • Size

      44KB

    • MD5

      2462aea139793ce13a3115a5651e75bf

    • SHA1

      9a61fa2166c8dd8a3dbe905ec92816b6cd497f4e

    • SHA256

      767bb70613fc7d1d21b05f666a87f34cc07ae0f6062d26838e52c2d68ee4a7bb

    • SHA512

      92dd428b4485d3e8b304fca0e1b57dad66c30dd39f85c55bab652469af79ea6084d5c9d774c61b71c80704bdb8313c0d8053755a8d3ccb6a8a6d00efa95d53bc

    • SSDEEP

      768://caMyXPpXv3gIMyMJADWf3uqEXjCafKQZodzLGPFms1zwl/1lA:/OyfNgIMyiAKf3cCaZodnseA

    Score
    7/10
    discoveryspywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer
    behavioral3behavioral4

    • Target

      Uninstall.exe

    • Size

      61KB

    • MD5

      a7a428973e50d27a7bfb804c7b89ef6f

    • SHA1

      da5b2d816f1933467399cec0f63a4514cc172ce7

    • SHA256

      77b112e73eacc1f20c6e010102496933b3b449f74ee8055a318ccb06b85b7fc3

    • SHA512

      b4f24aed10c1bf2eb1acdba781f084ab783347d0611726f1a010ae9494b3d1d0810d350f7b801a7e660af2cf6a6253aaa93449b3a5e55addae3e7a50074cdc29

    • SSDEEP

      1536:Wdb/vBxIdFlU0AfLhANuIj7Aw6RvEkLKN:WnilMfONuXw6R8jN

    Score
    7/10
    discovery

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral5behavioral6

MITRE ATT&CK Enterprise v15

Tasks