General

  • Target

    43a95d3a325f9eded50acb32e783f5d8_JaffaCakes118

  • Size

    636KB

  • Sample

    241014-xem39szgph

  • MD5

    43a95d3a325f9eded50acb32e783f5d8

  • SHA1

    79abbf2063eb847177fe196d6f1b3b131ae2873b

  • SHA256

    b7618aebc8dddd31f4455f6cf0bf41b597e91ccd31488c5f053715c30f21028e

  • SHA512

    8131aa00b819bb1204420ced66ccf26665d201a8305880bdeb13f67e597ff26b190e3e1afc00c8da9ce7c9ebfcf88093722528983a96ecdb55e17f88fb06f727

  • SSDEEP

    12288:bTqGBLl+LewWVZc6UtWHha81aSAt8KHdLzo1wljd0eDX6GvSJRuy:tLl+iwWVlUtWA8Y8K93o1wljd0E6USJn

Targets

    • Target

      43a95d3a325f9eded50acb32e783f5d8_JaffaCakes118

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.
