General
Target: 13ce4f09b059abf601fb517fe00c2653_JaffaCakes118
Size: 669KB
Sample: 241004-r8kbkstgna
MD5: 13ce4f09b059abf601fb517fe00c2653
SHA1: 71669fbd0aed4eeb7bd5e21439979174f900eb6e
SHA256: 42ae4aa79628afe953c73b163799798135483ef0d05d4ff14bdc450a068ea105
SHA512: 210f5daa5e3ee6efc846fd3ab8baf97cdd5bb8ff40523d6f5e014c20415bba16a56a78a617bf843f9c8de4eebd777e6e82a826b681740b261b0003d4a4c42568
SSDEEP: 12288:oxuj/5kQANn9MUHPVLoNjY+6z0AB0BZqBuA903FL+e66Q2qT:oo75kQArMyPVLAQPWO8bFKI
Static task: static1
Behavioral task: behavioral1
Sample: 13ce4f09b059abf601fb517fe00c2653_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 13ce4f09b059abf601fb517fe00c2653_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Targets
Target
13ce4f09b059abf601fb517fe00c2653_JaffaCakes118
Score: 9/10
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
Enumerates VirtualBox registry keys
Adds Run key to start application
MITRE ATT&CK Enterprise v15
Privilege Escalation
Boot or Logon Autostart Execution: 1
Registry Run Keys / Startup Folder: 1
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1