General

  • Target

    4b177dbe3193c9a86a8d2e1e93e55f32_JaffaCakes118

  • Size

    636KB

  • Sample

    241016-c9186ayfkg

  • MD5

    4b177dbe3193c9a86a8d2e1e93e55f32

  • SHA1

    bab42e0e5e5cbf36a377b46904ff33e514f4c372

  • SHA256

    b0779958efbcdd83f4e988345865e8311a6999a0190290a638303b9ecaf8019c

  • SHA512

    cab7b4cdaf7f3771c966850b636a1f78a2cb9e3a3f818c5b884c69dab7e3568434b27896df9e46966135ae699f73810809fac946c41e9ff0f17079b4e8e8ecfd

  • SSDEEP

    12288:gmFhr395JN/RHya7lDSyQIOBA5AmyG3sOOmUzCoS1vsIfjm:gIhfb/RSaxD5/OBA5AmyQsOtUmHlfj

Malware Config

Targets

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to Credentials History.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill/form data.

    • Adds Run key to start application

      Writes a value under a CurrentVersion\Run registry key so the program is launched again at user logon (persistence).

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
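
A static check for the "UPX packed file" signature, added here as a worked example; it is not the sandbox's own detector and it is not run against the sample above. It parses the PE section table with only the Python standard library and reports the two traces a stock or lightly modified UPX build leaves: section names beginning with UPX, and the characteristic layout of an empty first section (the unpack target, with no raw data on disk) followed by a near-8-bit-entropy section holding the compressed image. The PE images it analyses are constructed by build_fake_pe() and are assumptions for the demo, not the sample's bytes.

```python
"""Static check for the 'UPX packed file' signature.

Added example, not the sandbox's detector. Standard library only.
The PE images below are CONSTRUCTED by build_fake_pe(); they are not
the sample's bytes.
"""
import math
import struct
from collections import Counter

PE32_MAGIC = 0x10B            # optional-header magic for a 32-bit image
COFF_HEADER_SIZE = 20         # Machine .. Characteristics
SECTION_HEADER_SIZE = 40      # IMAGE_SECTION_HEADER
SECTION_FMT = "<8sIIIIIIHHI"  # Name, VirtualSize, VirtualAddress, SizeOfRawData, PointerToRawData, ...


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte: 0.0 for empty input, close to 8.0 for compressed or encrypted data."""
    if not buf:
        return 0.0
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def pe_sections(data: bytes) -> list:
    """Walk DOS header -> PE signature -> COFF header -> section table."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4
    _, num_sections, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    off = coff + COFF_HEADER_SIZE + opt_size
    sections = []
    for _ in range(num_sections):
        name, vsize, _va, raw_size, raw_ptr, *_ = struct.unpack_from(SECTION_FMT, data, off)
        raw = data[raw_ptr:raw_ptr + raw_size] if raw_size else b""
        sections.append({"name": name.rstrip(b"\0"), "virtual_size": vsize,
                         "raw_size": raw_size, "entropy": shannon_entropy(raw)})
        off += SECTION_HEADER_SIZE
    return sections


def upx_indicators(data: bytes) -> dict:
    secs = pe_sections(data)
    names = [s["name"] for s in secs]
    return {
        # Stock UPX names its sections UPX0/UPX1 (and keeps .rsrc).
        "upx_section_names": any(n.upper().startswith(b"UPX") for n in names),
        # A modified UPX can rename them, but the layout stays: the first section
        # is the empty unpack target (no raw data on disk) and the compressed
        # image sits in a later, near-8-bit-entropy section.
        "upx_layout": bool(secs) and secs[0]["raw_size"] == 0
                      and any(s["entropy"] >= 7.0 for s in secs[1:]),
    }


def looks_upx_packed(data: bytes) -> bool:
    return any(upx_indicators(data).values())


def build_fake_pe(section_specs) -> bytes:
    """CONSTRUCTED input: a header-only PE32 image with the given sections.
    section_specs is a list of (name, virtual_size, raw_bytes)."""
    e_lfanew = 0x40
    opt = struct.pack("<H", PE32_MAGIC) + b"\0" * 222   # 224-byte PE32 optional header, zeroed
    headers_len = e_lfanew + 4 + COFF_HEADER_SIZE + len(opt) + SECTION_HEADER_SIZE * len(section_specs)
    raw_ptr = (headers_len + 0x1FF) & ~0x1FF             # first raw section on a 512-byte boundary
    table, body, va = b"", b"", 0x1000
    for name, vsize, raw in section_specs:
        table += struct.pack(SECTION_FMT, name.ljust(8, b"\0"), vsize, va, len(raw),
                             raw_ptr if raw else 0, 0, 0, 0, 0, 0x60000020)
        body += raw
        raw_ptr += len(raw)
        va += max(vsize, 0x1000)
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_specs), 0, 0, 0, len(opt), 0x0102)
    image = dos + b"PE\0\0" + coff + opt + table
    return image + b"\0" * (((headers_len + 0x1FF) & ~0x1FF) - len(image)) + body


HIGH_ENTROPY = bytes(range(256)) * 16             # every byte value equally often -> exactly 8.0 bits
LOW_ENTROPY = b"\x55\x8b\xec\x83\xec\x10" * 256   # repeating prologue-like pattern, ~2.6 bits

SAMPLE_UPX = build_fake_pe([(b"UPX0", 0x20000, b""), (b"UPX1", 0x8000, HIGH_ENTROPY), (b".rsrc", 0x1000, b"\0" * 512)])
SAMPLE_RENAMED = build_fake_pe([(b".text", 0x20000, b""), (b".data", 0x8000, HIGH_ENTROPY)])
SAMPLE_CLEAN = build_fake_pe([(b".text", 0x1000, LOW_ENTROPY), (b".data", 0x1000, b"\0" * 512)])

if __name__ == "__main__":
    for label, image in (("upx", SAMPLE_UPX), ("renamed", SAMPLE_RENAMED), ("clean", SAMPLE_CLEAN)):
        print(label, upx_indicators(image), [s["name"] for s in pe_sections(image)])
```

On a real file, read it in binary mode and pass the bytes to upx_indicators(); a hit on upx_layout without upx_section_names is the modified-UPX case the signature text mentions, and is worth a manual look rather than an automatic verdict, since any packer that unpacks into an empty first section will trip it.
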

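The three behavioural signatures above (Run key persistence, Credential Manager / credential history access, browser profile reads) expressed as path rules over a process trace, added as an example; these are not the sandbox's own rules. The trace is constructed for the demo in a generic event shape ({"event", "path", ...}) and is not the report's schema. It also assumes that the "Credentials History" the first signature refers to is the DPAPI CREDHIST file under %APPDATA%\Microsoft\Protect, and that the browser stores of interest are the Chromium "Login Data"/"Cookies"/"Web Data" files and the Firefox logins.json/key4.db/cookies.sqlite files.

```python
"""Path rules for the Run-key, Credential Manager and browser-data signatures.

Added example, not the sandbox's rules. SAMPLE_EVENTS is a CONSTRUCTED trace
in a generic event shape, not the report's schema. Assumption: 'Credentials
History' means the DPAPI CREDHIST file under %APPDATA%\\Microsoft\\Protect.
"""
import re

# (signature name as shown in the report, event type, path pattern)
RULES = [
    ("Adds Run key to start application", "regkey_written",
     re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)),
    ("Credentials from Password Stores: Windows Credential Manager", "file_opened",
     # Credential Manager blobs live under ...\Microsoft\Credentials\; CREDHIST is the
     # DPAPI credential-history file (assumption: this is what the signature keys on).
     re.compile(r"\\Microsoft\\(Credentials\\|Protect\\CREDHIST$)", re.I)),
    ("Reads user/profile data of web browsers", "file_opened",
     # Chromium: Login Data / Cookies / Web Data under a 'User Data' profile.
     # Firefox: logins.json / key4.db / cookies.sqlite under Profiles\<name>.
     re.compile(r"(\\User Data\\.*\\(Login Data|Cookies|Web Data)$)"
                r"|(\\Firefox\\Profiles\\.*\\(logins\.json|key4\.db|cookies\.sqlite)$)", re.I)),
]


def classify(events):
    """Return {signature: [matching paths...]}, preserving trace order; empty if nothing fires."""
    hits = {name: [] for name, _, _ in RULES}
    for ev in events:
        for name, etype, pattern in RULES:
            if ev.get("event") == etype and pattern.search(ev.get("path", "")):
                hits[name].append(ev["path"])
    return {name: paths for name, paths in hits.items() if paths}


SAMPLE_EVENTS = [  # CONSTRUCTED trace; these are not events from the report
    {"event": "process_start", "path": r"C:\Users\victim\Desktop\sample.exe"},
    {"event": "regkey_written", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "value": r"C:\Users\victim\AppData\Roaming\updater.exe"},
    {"event": "regkey_written", "path": r"HKCU\Software\MyApp\Settings", "value": "1"},
    {"event": "file_opened", "path": r"C:\Users\victim\AppData\Roaming\Microsoft\Protect\CREDHIST"},
    {"event": "file_opened", "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"event": "file_opened", "path": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2z3.default-release\logins.json"},
    {"event": "file_opened", "path": r"C:\Windows\System32\kernel32.dll"},
]

if __name__ == "__main__":
    for name, paths in classify(SAMPLE_EVENTS).items():
        print(name)
        for p in paths:
            print("   ", p)
```

The Run-key rule is the one to pair with the written value when triaging: the value (here the constructed updater.exe under AppData\Roaming) is what will be executed at the next logon and is the artifact to pull for hashing. The two file-access rules only say the process touched the stores; whether anything was decrypted or exfiltrated needs the network and DPAPI activity from the rest of the report.
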
MITRE ATT&CK Enterprise v15