General

  • Target

    4b9ab9e6e7b813d56cd991c3906d162b_JaffaCakes118

  • Size

    46KB

  • Sample

    241016-f85fzazajq

  • MD5

    4b9ab9e6e7b813d56cd991c3906d162b

  • SHA1

    663cb68aebe2b03f51f1d0829edb931357053f32

  • SHA256

    6c2784200e5c5fa95e27e38e51a928b70e8ea584a4247ddb6bedfe0058aaff3e

  • SHA512

    03055553527e5df592564fc4e0daa35168aab4a1308c7d65923acd0a9ddb503686fea0f53925d4ae2b38062a3e8e27c184b0e0834087e59068d831b886791427

  • SSDEEP

    768:6b8AOvx9BLnhvJjSPbcsvG+Zx5INeMOavnfj0nIuXazzBLRxVVWs0BOHhvLJtRdU:b9/LhBjSI4BZ4NeCvr0XaBus0B2jJ7dU

Malware Config

Targets

    • Target

      4b9ab9e6e7b813d56cd991c3906d162b_JaffaCakes118

    • Size

      46KB

    • MD5

      4b9ab9e6e7b813d56cd991c3906d162b

    • SHA1

      663cb68aebe2b03f51f1d0829edb931357053f32

    • SHA256

      6c2784200e5c5fa95e27e38e51a928b70e8ea584a4247ddb6bedfe0058aaff3e

    • SHA512

      03055553527e5df592564fc4e0daa35168aab4a1308c7d65923acd0a9ddb503686fea0f53925d4ae2b38062a3e8e27c184b0e0834087e59068d831b886791427

    • SSDEEP

      768:6b8AOvx9BLnhvJjSPbcsvG+Zx5INeMOavnfj0nIuXazzBLRxVVWs0BOHhvLJtRdU:b9/LhBjSI4BZ4NeCvr0XaBus0B2jJ7dU

    • Modifies WinLogon for persistence

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks