General
-
Target
1264d88b357a013fbb804a8218e0b685_JaffaCakes118
-
Size
271KB
-
Sample
241004-h9p4sa1fpj
-
MD5
1264d88b357a013fbb804a8218e0b685
-
SHA1
5926cde0908315d18667461ce56973c1a23f29e7
-
SHA256
d471a46e2a994f1d2b79abce2abd0b0da6bb65f84f464b8bdb9de9599d5e67fc
-
SHA512
36690869d58ab9591492ff6dc26a2b4913c40a1f466e73780056281ffadb2b36447ba1d0ef6df21a8f5c5dd63d76226c1ba73ef679fb4e1ae829a3af3adf71a2
-
SSDEEP
6144:BtfDwsjPThT5zL2Y6FJph/ox1M7JtLLpSVurRuTb2syNcGJ:B5hVrekqtLLpFRuH2sy
Malware Config
Targets
-
-
Target
1264d88b357a013fbb804a8218e0b685_JaffaCakes118
-
Size
271KB
-
MD5
1264d88b357a013fbb804a8218e0b685
-
SHA1
5926cde0908315d18667461ce56973c1a23f29e7
-
SHA256
d471a46e2a994f1d2b79abce2abd0b0da6bb65f84f464b8bdb9de9599d5e67fc
-
SHA512
36690869d58ab9591492ff6dc26a2b4913c40a1f466e73780056281ffadb2b36447ba1d0ef6df21a8f5c5dd63d76226c1ba73ef679fb4e1ae829a3af3adf71a2
-
SSDEEP
6144:BtfDwsjPThT5zL2Y6FJph/ox1M7JtLLpSVurRuTb2syNcGJ:B5hVrekqtLLpFRuH2sy
Score7/10-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores
1Credentials from Web Browsers
1Unsecured Credentials
1Credentials In Files
1