General

  • Target

    4a36039a350769562822afc507ed47fd_JaffaCakes118

  • Size

    865KB

  • Sample

    241015-1w1mgatdmm

  • MD5

    4a36039a350769562822afc507ed47fd

  • SHA1

    9f86305d0e26e77355d8d48a795607e7dadd4b36

  • SHA256

    9e70706aa9b9ca3b3e6c49975f47b850853fef59de4537b9447e747cff3a348d

  • SHA512

    1a7718bfd261bde92bdcc944f589425c61c5be76462cdb01b2340a92d808a404b33162e2229339ccaaa41e8c5f1916b390c73f3ed2c5d2e35b9bd512b302ad3e

  • SSDEEP

    24576:YnIECCSIaYh4cJH495Wq/TB9y6BbUGsM/jq:YnIVCSIa6Y9kq/vBbv//

Malware Config

Targets


    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive user information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks