General

  • Target

    6611ca12f6537064bd3bd4a21ab739ab_JaffaCakes118

  • Size

    717KB

  • Sample

    241021-jxeb7axfmn

  • MD5

    6611ca12f6537064bd3bd4a21ab739ab

  • SHA1

    7651a7ca2e46541cb0a36e09fc71d89f7f4a4525

  • SHA256

    34f25f73282b0288d49658619023647a27f2071f1f60586dcb4c459055a064bb

  • SHA512

    7c73a446628fe1c42386fd564a88733bf61127d78f8867170ce3a6a37f4454bc14ada1c4146ee0fd5015268af2e044d2c76311a133e8ccbd6462761c0cbc1c71

  • SSDEEP

    12288:BKnekrL589PH1qI2U5tvseHR/6E3oWWu6MUc9BG+ib4JE1ZDs55auEBIqUJxzCv8:OLi5VqkFWrMUyBNisJH55moRNL

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
