General

  • Target

    49cb2d8be729c2bb4282894c5ff7223c_JaffaCakes118

  • Size

    108KB

  • Sample

    241015-yy7sfsyfkp

  • MD5

    49cb2d8be729c2bb4282894c5ff7223c

  • SHA1

    0876caea9a0b8d1a0367ffee70a5b63844557171

  • SHA256

    6835c3965eb91d8a8edc912f7dd976cef4023cb1fae3e6b21dd1f6a01a6dbdaa

  • SHA512

    e984307a43c3b12353c2082a286e6d07fcd79011f88212791705a9c654ceb1637eda8315ec686a1c5f0c1365c1d5613f51a8c7b5671f7711daaaeb545aad1af2

  • SSDEEP

    768:WNYjeskH7WkWHGUheEYKuSr/6EHjnrwpLelNjNsrJ/Dr0MYAoY3hrdHc:WNYSskHKVHJrlHTUpqvSLUY3A

Targets

    • Target

      49cb2d8be729c2bb4282894c5ff7223c_JaffaCakes118

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla. These files hold saved site logins in the clear: FileZilla keeps them in sitemanager.xml and recentservers.xml under %APPDATA%\FileZilla, with the password either in plaintext or merely base64-encoded.

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser profile data, which can include saved logins, cookies and session tokens, autofill entries and browsing history.

    • Unsecured Credentials: Credentials In Files

      Credentials kept in plaintext or only trivially encoded files on disk, such as the FTP client, messenger and browser data files above, are read directly from the file system (MITRE ATT&CK T1552.001).

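As an added illustration of the three file-access behaviours listed above (this is example code, not code from the sandbox report or from the sample): a small Python helper that flags any process outside an owner allowlist reading the default FileZilla, Chrome, Firefox and Pidgin credential stores, run over constructed file-access log lines, plus a parser for FileZilla's sitemanager.xml that shows why that file counts as credentials in files. The store paths are the real default locations for those programs; the `image|path` log format, the owner allowlist, the sample log lines and the sitemanager.xml content are all constructed for this example.

```python
import base64
import xml.etree.ElementTree as ET
from fnmatch import fnmatchcase

# Default on-disk credential stores that commodity infostealers read, keyed by the
# process that legitimately owns each file. The file locations are the real
# defaults for FileZilla, Chrome, Firefox and Pidgin; the owner allowlist is an
# assumption made for this example.
CREDENTIAL_STORES = {
    r"%APPDATA%\FileZilla\sitemanager.xml":                 {"filezilla.exe"},
    r"%APPDATA%\FileZilla\recentservers.xml":               {"filezilla.exe"},
    r"%LOCALAPPDATA%\Google\Chrome\User Data\*\Login Data": {"chrome.exe"},
    r"%APPDATA%\Mozilla\Firefox\Profiles\*\logins.json":    {"firefox.exe"},
    r"%APPDATA%\.purple\accounts.xml":                      {"pidgin.exe"},
}

# Environment-variable roots expanded to a wildcard profile path so the
# patterns match concrete paths from any user profile.
_ROOTS = {
    "%APPDATA%": r"C:\Users\*\AppData\Roaming",
    "%LOCALAPPDATA%": r"C:\Users\*\AppData\Local",
}


def _expand(pattern):
    for var, root in _ROOTS.items():
        pattern = pattern.replace(var, root)
    return pattern.lower()


def match_store(path):
    """Return the (pattern, owners) entry whose pattern matches path, else None."""
    norm = path.lower()
    for pattern, owners in CREDENTIAL_STORES.items():
        if fnmatchcase(norm, _expand(pattern)):
            return pattern, owners
    return None


def flag_credential_access(log_lines):
    """Flag every access to a credential store by a process outside its owner
    allowlist. Input lines use a constructed 'image|path' format standing in
    for file-access telemetry (object-access auditing or EDR file-read events)."""
    hits = []
    for line in log_lines:
        image, path = line.split("|", 1)
        found = match_store(path)
        if found and image.lower() not in found[1]:
            hits.append((image, found[0]))
    return hits


def parse_filezilla_sitemanager(xml_text):
    """Recover (host, user, password) from a FileZilla sitemanager.xml.
    FileZilla stores the password either in plaintext (<Pass>) or merely
    base64-encoded (<Pass encoding="base64">), so anything that can read
    the file can read the credentials: ATT&CK 'Credentials In Files'."""
    creds = []
    for server in ET.fromstring(xml_text).iter("Server"):
        host = server.findtext("Host", "")
        user = server.findtext("User", "")
        pw = server.find("Pass")
        if pw is None or not pw.text:
            password = ""
        elif pw.get("encoding") == "base64":
            password = base64.b64decode(pw.text).decode("utf-8")
        else:
            password = pw.text
        creds.append((host, user, password))
    return creds


# Constructed sample data (not taken from the analysed sample).
SAMPLE_LOG = [
    r"filezilla.exe|C:\Users\alice\AppData\Roaming\FileZilla\sitemanager.xml",
    r"sample.exe|C:\Users\alice\AppData\Roaming\FileZilla\sitemanager.xml",
    r"sample.exe|C:\Users\alice\AppData\Roaming\.purple\accounts.xml",
    r"sample.exe|C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data",
    r"chrome.exe|C:\Users\alice\AppData\Local\Google\Chrome\User Data\Default\Login Data",
    r"notepad.exe|C:\Users\alice\Documents\notes.txt",
]

SAMPLE_SITEMANAGER = """<FileZilla3 version="3.66.4" platform="windows">
  <Servers>
    <Server>
      <Host>ftp.example.test</Host>
      <Port>21</Port>
      <User>alice</User>
      <Pass encoding="base64">aHVudGVyMg==</Pass>
      <Name>Example site</Name>
    </Server>
  </Servers>
</FileZilla3>
"""

if __name__ == "__main__":
    for image, store in flag_credential_access(SAMPLE_LOG):
        print(f"ALERT: {image} read credential store {store}")
    for host, user, password in parse_filezilla_sitemanager(SAMPLE_SITEMANAGER):
        print(f"FileZilla saved login: {user}:{password}@{host}")
```

Only the three `sample.exe` accesses are flagged; the owning clients touching their own files and the unrelated notepad.exe read are not. In production the log lines would come from file-read telemetry, which means Windows object-access auditing (event 4663 with a SACL on the credential files) or an EDR that records file reads; Sysmon alone does not log reads, so a FileCreate-based rule would miss this behaviour entirely.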
MITRE ATT&CK Enterprise v15

    • T1552.001 Unsecured Credentials: Credentials In Files