General
-
Target
3b1b53115037909224a13e8fa93ffc3b_JaffaCakes118
-
Size
1.9MB
-
Sample
241012-vfsn2avgkp
-
MD5
3b1b53115037909224a13e8fa93ffc3b
-
SHA1
8f94bfc8ccd1e345d666fcaa4d79aee56fe94484
-
SHA256
a04f1a8c4e0fe27cd197a7f4153a56af80a9d04f8d0ce2865368954efd5989ab
-
SHA512
43186ae54aa04e2a9ea53b19961706f1a1d3ad6c9acee2663d5625251712a7269686710c1531d3da57a6632721edd5a3a256cfbb3e1a0e50c0e1e681499717a6
-
SSDEEP
49152:sd8QbBnW5oGvmx4UJASuA4wDinashps9AzV1pCh9mLsOg:9SBnW5d+lub3asPs9S7pcrx
Static task
static1
Behavioral task
behavioral1
Sample
3b1b53115037909224a13e8fa93ffc3b_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
3b1b53115037909224a13e8fa93ffc3b_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
Target
3b1b53115037909224a13e8fa93ffc3b_JaffaCakes118
-
Score
7/10
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Browser Extensions (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Credential Access
Credentials from Password Stores (1)
Credentials from Web Browsers (1)
Unsecured Credentials (1)
Credentials In Files (1)