General
-
Target
118a5583abe12d104472c7f79cdef960_JaffaCakes118
-
Size
1018KB
-
Sample
241004-dd7lqs1apj
-
MD5
118a5583abe12d104472c7f79cdef960
-
SHA1
18e4a85487504735eb24900c1f752ac3ee3dec72
-
SHA256
2e980431a3a092c619584ae6aa1015aacc16601d79ca2373f7d6a1568c5ada14
-
SHA512
19e6b3daa077fb1d4baed31811cb39145735f0732371df1cbdb9f2cae4fce6914d0248156fee01ea9c87f91f1a113ecc8e8b74b812b3df63fa2298270fba62fd
-
SSDEEP
24576:nBR3JS2l7sit4dSGa7ggzu7CQjcmi+QnTN3vJxdjpaD:BBJS2xsi7Ga7YCQjcmifnTlv5jE
Malware Config
Targets
-
-
Target
118a5583abe12d104472c7f79cdef960_JaffaCakes118
-
Size
1018KB
-
MD5
118a5583abe12d104472c7f79cdef960
-
SHA1
18e4a85487504735eb24900c1f752ac3ee3dec72
-
SHA256
2e980431a3a092c619584ae6aa1015aacc16601d79ca2373f7d6a1568c5ada14
-
SHA512
19e6b3daa077fb1d4baed31811cb39145735f0732371df1cbdb9f2cae4fce6914d0248156fee01ea9c87f91f1a113ecc8e8b74b812b3df63fa2298270fba62fd
-
SSDEEP
24576:nBR3JS2l7sit4dSGa7ggzu7CQjcmi+QnTN3vJxdjpaD:BBJS2xsi7Ga7YCQjcmifnTlv5jE
Score7/10-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Drops Chrome extension
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
MITRE ATT&CK Enterprise v15
Defense Evasion
Modify Registry
3Subvert Trust Controls
1Install Root Certificate
1Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1