General

  • Target

    0705372942260f038effdd3c214b05e4_JaffaCakes118

  • Size

    274KB

  • Sample

    241001-xqvx9awanm

  • MD5

    0705372942260f038effdd3c214b05e4

  • SHA1

    f89347d61eebced6dc58d55911888c2420664189

  • SHA256

    a5e4dd7de1e8bf05278812d02e812b4f238f86bc73fe87fa6f4db54dec34e30a

  • SHA512

    3407f8a2da1ecc9ae55c819cce07740ed1a913fbd162d9f8ae1fb69e67cfdc33347032b9be28777b4f83824ccb02172014248cccb628e48558a9f1fb555efeea

  • SSDEEP

    6144:Hf+BLtABPD9FBWKXsSlrVWdmQ41V6GIeydDRA1D049X:pFsSlrVWjY69eyd21DFX

Targets

    • 44Caliber

      An open source infostealer written in C#.

    • Reads user/profile data of web browsers

      Infostealers commonly read the browser profile directories where saved credentials, cookies and autofill data are stored, in order to exfiltrate them.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.
