General

  • Target

    397a2341a3a47ce59728ffb966696987_JaffaCakes118

  • Size

    2.4MB

  • Sample

    241012-mas4lsvgph

  • MD5

    397a2341a3a47ce59728ffb966696987

  • SHA1

    c824615b63fa56eac1ceac79c0b202aee9dec771

  • SHA256

    7f1015169628bc8e2a4ed987567d4b790c72e3e584dad1b8c9c7f819c23bb1f2

  • SHA512

    5f725bcf2da99c30370c5c625ba93903d82445a8fa109dac39bf2175a5912b1d1263acfd8a43b72fdb935fa81a590b3fafb6272cb615a128070cfa54198c2a14

  • SSDEEP

    49152:x+g6/ivOkJwN3joJdXN0BMOwLloBrugXIgekkBQCKMN7pXRKNnp3:4g6/yJfJdXN0B7+s/eki9Nng

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory
