General

  • Target

    48c3369c8059bb166fa83b04ccf81209_JaffaCakes118

  • Size

    637KB

  • Sample

    241015-tm8s6axhql

  • MD5

    48c3369c8059bb166fa83b04ccf81209

  • SHA1

    732cb9d43d06915cb21b7b6d83c6ac01d10f0d18

  • SHA256

    4b0894a4b56c0334e3ce6deb5851988f566c566d18f90f5ca787f1fbdf64c171

  • SHA512

    c5d45082e80a6b99e19604f289e0a72801c5049f9da593fa4b80bedcefd9ea48f77f51f4ca97252c02b9adc68268073c0e7932e02c1d79290133e08bda417f7a

  • SSDEEP

    12288:GzKTBwOoP9oO6ZQTjwbkJPyXpJmuIwFPzk605Aky+oklRfg1JOpA0zvZ3:uoGPyRQXkkJaXrmu05Ak6MRoXyhB

Targets

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill entries.

    • Adds Run key to start application

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified variant of it.

MITRE ATT&CK Enterprise v15