General

  • Target

    4fac4131c44725fd2d6fd878f263da8f_JaffaCakes118

  • Size

    811KB

  • Sample

    241016-3rperazeja

  • MD5

    4fac4131c44725fd2d6fd878f263da8f

  • SHA1

    873c44330bf1d4fa3060ee61a58ed0710e4268b2

  • SHA256

    74195824550845d108c969f66c2fa991c229003467dbf64df4abeb7332d7cd2c

  • SHA512

    d29bb1c5d3e6d5bbd8cb6090be218f82e11b6dc1cba17a751ba0670aef35a76b9bbd9b01c25e8e2d1eb6b57271b52bcc7efaf92396822a9badc759d25a766145

  • SSDEEP

    12288:7bFm/Bb3/0sX0FPZrOrBfesX+MuXo5zFbguzGuIScikf:NCPXyhroBfesX+uzLGu

Targets

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar profile data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
