General

  • Target

    180040ed6478620d18995382d32b69e0_JaffaCakes118

  • Size

    47KB

  • Sample

    241006-n698faxcra

  • MD5

    180040ed6478620d18995382d32b69e0

  • SHA1

    2e07d994103939d674bd24392ff18fb2358d162b

  • SHA256

    09c010a1200b975ebf39bbca18b07a84857b63f43b146555df253147ec03fa71

  • SHA512

    53b55e9ef282e42e3dd4dc3732723f8b84c09cf8fc75af4d7e3a2cdf28c5954c036c59c70f53730bbcf94ea1b89029cd56874a609a7453b0456f495ff78a1b36

  • SSDEEP

    768:P0Sr1ElOIEvzMXqtwp/lttaL7HP4wIncLRdR5kP78a0RJW/aMDYMUrOOKvL3eIb1:P0KaYzMXqtGNttyUn01Q78a4R6LTTHqm
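The hash values listed above are the exact-match indicators for this sample. The following checker is an added example, not part of the sandbox report: it hashes a file in one pass with MD5, SHA1, SHA256 and SHA512 and compares each digest against the report's values. SSDEEP is deliberately left out because it needs the third-party `ssdeep` module and is a fuzzy score rather than an exact match; the `hash_bytes` helper and the command-line usage are assumptions for illustration.

```python
"""Check a file against the hash IOCs listed above (added example, not
part of the sandbox report). SSDEEP is left out: it needs the third-party
ssdeep module and is a fuzzy, not exact, comparison."""
import hashlib
import sys

# IOC values copied from the report; keys are hashlib algorithm names.
SAMPLE_IOCS = {
    "md5": "180040ed6478620d18995382d32b69e0",
    "sha1": "2e07d994103939d674bd24392ff18fb2358d162b",
    "sha256": "09c010a1200b975ebf39bbca18b07a84857b63f43b146555df253147ec03fa71",
    "sha512": ("53b55e9ef282e42e3dd4dc3732723f8b84c09cf8fc75af4d7e3a2cdf28c5954c"
               "036c59c70f53730bbcf94ea1b89029cd56874a609a7453b0456f495ff78a1b36"),
}
CHUNK = 1 << 20  # 1 MiB reads so large files are not loaded whole


def _digest_chunks(chunks):
    """Feed every chunk to all four hashers in a single pass over the data."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_IOCS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data: bytes) -> dict:
    """Digests of an in-memory buffer (assumed helper, handy for tests)."""
    view = memoryview(data)
    return _digest_chunks(view[i:i + CHUNK] for i in range(0, len(view), CHUNK))


def hash_file(path: str) -> dict:
    """Digests of a file on disk, read in CHUNK-sized pieces."""
    with open(path, "rb") as fh:
        return _digest_chunks(iter(lambda: fh.read(CHUNK), b""))


def match_iocs(digests: dict, iocs: dict = SAMPLE_IOCS) -> dict:
    """Per-algorithm match map. Comparison is case-insensitive because
    reports and tools disagree on hex case."""
    return {algo: digests.get(algo, "").lower() == value.lower()
            for algo, value in iocs.items()}


def is_known_sample(digests: dict, iocs: dict = SAMPLE_IOCS) -> bool:
    """Only a SHA256 match identifies the sample: MD5 and SHA1 collisions
    are practical, so a lone MD5/SHA1 hit is a lead, not a verdict."""
    return match_iocs(digests, iocs).get("sha256", False)


if __name__ == "__main__":
    # Usage (assumed): python check_iocs.py <file> [<file> ...]
    for target in sys.argv[1:]:
        d = hash_file(target)
        verdict = "MATCH" if is_known_sample(d) else "no match"
        print(f"{target}: {verdict} {match_iocs(d)}")
```

A file that matches on MD5 but not on SHA256 should be treated as a different file that may have been crafted to collide, not as the sample; that is why the verdict keys on SHA256 alone while the full per-algorithm map is still printed.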

Targets

    • Drops file in Drivers directory

    • Deletes itself

    • Drops startup file

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and browsing history.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
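The two behaviour descriptions above ("Reads user/profile data of web browsers" and "Enumerates connected drives") translate directly into file-event detection logic. The block below is an added example, not part of the sandbox report: it runs over a handful of constructed Procmon-style events (process, operation, path, result), which are not taken from this run, and flags a process that probes the root of any drive other than C: or touches a browser profile directory. The Chrome, Edge, Brave and Firefox profile paths are assumed well-known locations, not paths the page lists; the sample.exe and explorer.exe names are placeholders.

```python
"""Flag the two file-system behaviours described above ('Enumerates
connected drives' and 'Reads user/profile data of web browsers') in
Procmon-style events. Added example, not from the sandbox; the events
and browser paths below are constructed, not taken from this run."""
import re
from collections import defaultdict

# Constructed events: (process, operation, path, result).
EVENTS = [
    ("sample.exe", "QueryDirectory", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default", "SUCCESS"),
    ("sample.exe", "ReadFile", r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data", "SUCCESS"),
    ("sample.exe", "CreateFile", "D:\\", "SUCCESS"),
    ("sample.exe", "CreateFile", "E:\\", "NAME NOT FOUND"),
    ("sample.exe", "ReadFile", r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2.default\logins.json", "SUCCESS"),
    ("explorer.exe", "QueryDirectory", "C:\\", "SUCCESS"),
    ("explorer.exe", "ReadFile", r"C:\Users\victim\Documents\notes.txt", "SUCCESS"),
]

# A bare drive root other than C:, with or without the trailing backslash.
DRIVE_ROOT = re.compile(r"^(?!C:)[A-Z]:\\?$", re.IGNORECASE)
# Profile directories of common browsers (assumed well-known paths).
BROWSER_PROFILE = re.compile(
    r"\\(Google\\Chrome|Microsoft\\Edge|BraveSoftware\\Brave-Browser)\\User Data\\"
    r"|\\Mozilla\\Firefox\\Profiles\\",
    re.IGNORECASE,
)
READ_OPS = {"CreateFile", "ReadFile", "QueryDirectory"}


def classify(op: str, path: str):
    """Return the signature names an event triggers (possibly none).
    The result code is deliberately ignored: the signature is about the
    attempt, so NAME NOT FOUND on a drive root is still a probe of it."""
    tags = []
    if DRIVE_ROOT.match(path):
        tags.append("enumerates_drives")
    if op in READ_OPS and BROWSER_PROFILE.search(path):
        tags.append("reads_browser_data")
    return tags


def findings(events):
    """Aggregate per process: which non-C: drive roots were probed and which
    browser profile paths were touched. Processes with no hits are omitted."""
    acc = defaultdict(lambda: {"drives": set(), "browser_paths": []})
    for proc, op, path, _result in events:
        for tag in classify(op, path):
            if tag == "enumerates_drives":
                acc[proc]["drives"].add(path[:2].upper())
            else:
                acc[proc]["browser_paths"].append(path)
    return {
        proc: {"drives": sorted(v["drives"]), "browser_paths": v["browser_paths"]}
        for proc, v in acc.items()
    }


if __name__ == "__main__":
    for proc, hit in findings(EVENTS).items():
        print(proc, hit)
```

Either signature on its own is noisy (backup tools walk drive roots, browsers read their own profiles); the per-process aggregation is what makes the pair useful, since a process that is not a browser and does both in one run is the pattern the report describes.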
