General

  • Target

    4fd415b24c92239bdbf5877a39a03f2c_JaffaCakes118

  • Size

    47KB

  • Sample

    241017-amjpgs1fpe

  • MD5

    4fd415b24c92239bdbf5877a39a03f2c

  • SHA1

    03211e9e162ec6fa1f2a36386f0bcca4453c0539

  • SHA256

    6344f2c3f6d48d7dd9f490e1898a1c33f84e9230084879504576ae678a52add2

  • SHA512

    4b2f675807fc17a20c89ab63874bd8d09e229bdf4bac918133ce8436395c9113a7bf74e87733971c892702130e973bdc0528b9bedc5630e3f3a667661ab8aee6

  • SSDEEP

    768:EISCsK9ob1/Ou8yRQk1602zTffn1UATohaIlbMqzysJ2KKHNgd1QcaBE+L:E/G2pnf2318aMbp2uPQcC

Malware Config

Targets

    • Target

      4fd415b24c92239bdbf5877a39a03f2c_JaffaCakes118

    • Modifies WinLogon for persistence

      The Shell or Userinit value under HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon is altered so the sample is started at every interactive logon, before the user's desktop appears.

    • Deletes itself

      The sample removes its own executable after running, so the original dropper is often no longer on disk by the time a host is triaged; recover it from the sandbox run or from backups and volume shadow copies.

    • Reads user/profile data of web browsers

      Infostealers often target the browser profile directories, which hold saved credentials, cookies and session tokens, autofill data and browsing history; stolen session cookies in particular let an attacker reuse already-authenticated sessions without the password or MFA.

    • Writes to the Master Boot Record (MBR)

      Bootkits overwrite the boot code in sector 0 to gain persistence below the operating system, running before the kernel and its security drivers load. The partition table and 0x55AA boot signature are usually left intact so the disk still boots normally, which is why the change is not visible to file-based scans.
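The two persistence behaviours above (Winlogon value hijacking and MBR boot-code overwrite) can be checked on a suspect host by comparing against known-good values. The script below is an added example, not code from the sandbox vendor or from the sample's report: it runs over constructed in-memory data (the registry values and the 512-byte MBR images are made up here), and on a live Windows host the same functions would be fed the values read from the Winlogon key and sector 0 of the boot disk. The stock `Shell`/`Userinit` defaults and the MBR layout constants are real; the baseline boot-code hash is derived from the constructed clean image and is only a placeholder for a hash taken from a trusted image of the same machine.

```python
"""Triage checks for Winlogon persistence and MBR tampering (added example)."""
import hashlib
import struct

# Stock values of the two Winlogon entries that are commonly hijacked.
# Casing of the path may differ per host; comparison below is case-insensitive.
DEFAULT_WINLOGON = {
    "Shell": "explorer.exe",
    "Userinit": r"C:\Windows\system32\userinit.exe,",
}
# Key under HKLM the values come from on a live host (read with winreg there).
WINLOGON_KEY = r"SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon"


def _split_list(value):
    """Winlogon values are comma-separated lists; normalise for comparison."""
    return [p.strip().lower() for p in value.split(",") if p.strip()]


def check_winlogon(values):
    """Return findings for Shell/Userinit entries that deviate from stock.

    `values` maps value name -> string as read from WINLOGON_KEY. Malware
    usually appends its own executable after the legitimate one, so every list
    element that is not one of the expected ones is reported.
    """
    findings = []
    for name, expected in DEFAULT_WINLOGON.items():
        actual = _split_list(values.get(name, ""))
        if not actual:
            findings.append(f"{name}: value missing or empty")
            continue
        allowed = set(_split_list(expected))
        for entry in actual:
            if entry not in allowed:
                findings.append(f"{name}: unexpected entry {entry!r}")
    return findings


MBR_SIZE = 512
BOOT_CODE_LEN = 440        # bytes 0..439: the boot code a bootkit replaces
PART_TABLE_OFF = 446       # four 16-byte partition entries follow
BOOT_SIGNATURE = b"\x55\xaa"


def parse_mbr(sector):
    """Parse sector 0 into boot-code hash, signature check and partitions."""
    if len(sector) != MBR_SIZE:
        raise ValueError(f"expected {MBR_SIZE}-byte sector, got {len(sector)}")
    parts = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, ptype = sector[off], sector[off + 4]
        lba_start, num_sectors = struct.unpack_from("<II", sector, off + 8)
        if ptype != 0:
            parts.append({"bootable": status == 0x80, "type": ptype,
                          "lba_start": lba_start, "sectors": num_sectors})
    return {
        "signature_ok": sector[MBR_SIZE - 2:] == BOOT_SIGNATURE,
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "partitions": parts,
    }


def check_mbr(sector, baseline_boot_code_sha256):
    """Compare only the boot-code region against a known-good hash.

    A bootkit keeps the partition table and 0x55AA signature (the disk must
    still boot) but swaps the code in bytes 0..439, so hashing that region
    catches it, while hashing the whole sector would also fire on a benign
    repartition.
    """
    info = parse_mbr(sector)
    findings = []
    if not info["signature_ok"]:
        findings.append("boot signature 0x55AA missing")
    if info["boot_code_sha256"] != baseline_boot_code_sha256:
        findings.append("boot code differs from baseline")
    if not any(p["bootable"] for p in info["partitions"]):
        findings.append("no active partition")
    return findings


# --- constructed sample data (made up for this example, not from the report) ---
def _build_mbr(boot_code):
    sector = bytearray(MBR_SIZE)
    sector[:len(boot_code)] = boot_code
    # One active NTFS (type 0x07) partition at LBA 2048, 1 GiB long.
    struct.pack_into("<B3xB3xII", sector, PART_TABLE_OFF, 0x80, 0x07, 2048, 0x200000)
    sector[MBR_SIZE - 2:] = BOOT_SIGNATURE
    return bytes(sector)


CLEAN_MBR = _build_mbr(b"\x33\xc0\x8e\xd0\xbc\x00\x7c\x8e\xc0\x8e\xd8")  # stock-style prologue
BASELINE_HASH = parse_mbr(CLEAN_MBR)["boot_code_sha256"]       # stand-in for a trusted baseline
TAMPERED_MBR = _build_mbr(b"\xeb\x3c" + b"\x90" * 16 + b"\xcd\x13")  # new code, same table
HIJACKED_WINLOGON = {
    "Shell": "explorer.exe",
    "Userinit": r"C:\Windows\system32\userinit.exe,C:\Users\Public\svc.exe",
}

if __name__ == "__main__":
    print("winlogon:", check_winlogon(HIJACKED_WINLOGON) or "clean")
    print("mbr:", check_mbr(TAMPERED_MBR, BASELINE_HASH) or "clean")
```

On a real host, read `Shell` and `Userinit` with `winreg.QueryValueEx` on the key above and sector 0 from `\\.\PhysicalDrive0` (administrator rights needed), and take the baseline hash from a golden image of the same build rather than from the suspect machine itself.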

MITRE ATT&CK Enterprise v15

Tasks