General

  • Target

    3974fe00d1be1a1e725f0ac854ed0bf3_JaffaCakes118

  • Size

    712KB

  • Sample

    241012-l7je1avfpf

  • MD5

    3974fe00d1be1a1e725f0ac854ed0bf3

  • SHA1

    001d2703619e7d72d6ead46897fe967303e8e535

  • SHA256

    e10e87e91108e94e9656b03e4a590f4544df4aa754eb0127f6ceac6fbfc0122e

  • SHA512

    aec3fbc1290262f78a2b0d9c7d8d355abb9425b89a541a16796ed480dce56ff7125a74a574eecba1523dde0878f3ea12410921a500f90efc3427ed67cc9329bd

  • SSDEEP

    12288:8ciCACm/UbbciCACm/UbyvXk1i3A+JZwWBw4:TiH8bgiH8b+k1i3n5w4

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar data.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
