Overview

overview

7

Static

static

3

3c139b9825...18.exe

windows7-x64

7

3c139b9825...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    3c139b9825a681ed5906c9620a4e0220_JaffaCakes118

  • Size

    717KB

  • Sample

    241012-z4ybmswcpj

  • MD5

    3c139b9825a681ed5906c9620a4e0220

  • SHA1

    83d28529d7acd8e10bb3b57fce98a6a3d61a5771

  • SHA256

    6ea0a0bc84f22acb94a1ac90e885129474bf32d43c390672d2911bb0b00b4758

  • SHA512

    545f34f93d593d4eb5a7b709037a271ba4198b5399b3aa4631736953bf7906d0cab8bd452fbe680c23ad5445639c8c3c81177ec670d747fa97d0cb1330aad14e

  • SSDEEP

    12288:UKnekrL58Q1ir3fYNuO2o7wD30YaG6mBTwtOqcSujVaq1pSXgLq71wzaXpratO4W:9LiQ14O32SwIHxmuoqwj1pSXl71wzaw0

Score
7/10
adwarediscoveryspywarestealer

Malware Config

Targets

    • Target

      3c139b9825a681ed5906c9620a4e0220_JaffaCakes118

    • Size

      717KB

    • MD5

      3c139b9825a681ed5906c9620a4e0220

    • SHA1

      83d28529d7acd8e10bb3b57fce98a6a3d61a5771

    • SHA256

      6ea0a0bc84f22acb94a1ac90e885129474bf32d43c390672d2911bb0b00b4758

    • SHA512

      545f34f93d593d4eb5a7b709037a271ba4198b5399b3aa4631736953bf7906d0cab8bd452fbe680c23ad5445639c8c3c81177ec670d747fa97d0cb1330aad14e

    • SSDEEP

      12288:UKnekrL58Q1ir3fYNuO2o7wD30YaG6mBTwtOqcSujVaq1pSXgLq71wzaXpratO4W:9LiQ14O32SwIHxmuoqwj1pSXl71wzaw0

    Score
    7/10
    adwarediscoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks