General

  • Target

    66d568d6f2513c417fcf4386e2fe81d6_JaffaCakes118

  • Size

    1.0MB

  • Sample

    241021-qnfbfsxbqp

  • MD5

    66d568d6f2513c417fcf4386e2fe81d6

  • SHA1

    da9ed31f10ce0b391961befd2699cdae4ee6a51b

  • SHA256

    2352ce8016580af54453c5f6594c35ce5722784a91500469edaf8d6b03e011c0

  • SHA512

    1e5fb1af44e1205ea54b326867243d1ca7633de41fb86a950fbb27dd3f301f2af82398e9a1ebcf4e8e931ebfda53d6ddbfdd7f7317cccfe56162aa54f8646e74

  • SSDEEP

    24576:4LiYetY0gYhNQ2pvGJ2dPqTYU0uW0YUMpjn6TMTBmsVgxCcp:4LoYvA7Vy6TC5MpGodmsVgMcp

Malware Config

Targets

    • Target

      66d568d6f2513c417fcf4386e2fe81d6_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read browser profile directories, which hold saved credentials, cookies and session tokens, autofill data and browsing history.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry (HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, its WOW6432Node counterpart and the HKCU equivalent) to enumerate installed software. Malware typically uses this to fingerprint the host, including any security products present.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are COM DLLs whose CLSIDs are registered under the Browser Helper Objects registry key; Internet Explorer loads every registered BHO into each browser process, giving the module access to page content and user input. A new BHO registration is therefore both a persistence mechanism and a classic foothold for credential theft.
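
The two registry-based behaviours above can be checked from the host side. The following PowerShell is an added triage script, not part of this sandbox report or of the sample: it lists every registered BHO (HKLM, WOW6432Node and HKCU hives), resolves each CLSID to its InprocServer32 DLL, checks the DLL's Authenticode signature and flags modules living under user-writable paths; it then reads the same Uninstall entries the "Checks installed software" signature refers to, so an analyst can see what the sample would have seen. Key paths are the standard Windows locations; the "suspicious roots" list and the flagging rule are assumptions of this example.

```powershell
# Added example: audit BHO registrations and list installed software.
# Hypothetical triage script, not code from the sandbox report. Run in an
# elevated PowerShell on the host under examination.

$bhoKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
)

# Assumption of this example: a legitimate BHO does not live under these roots.
$suspiciousRoots = @(
    $env:TEMP,
    $env:APPDATA,
    $env:LOCALAPPDATA,
    (Join-Path $env:USERPROFILE 'Downloads'),
    'C:\Users\Public'
)

# Map a CLSID to the DLL registered as its in-process COM server.
function Resolve-ClsidServer {
    param([string]$Clsid)
    $roots = 'HKLM:\SOFTWARE\Classes\CLSID',
             'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID',
             'HKCU:\SOFTWARE\Classes\CLSID'
    foreach ($root in $roots) {
        $srv = Join-Path $root "$Clsid\InprocServer32"
        if (Test-Path $srv) {
            $dll = (Get-ItemProperty -Path $srv -ErrorAction SilentlyContinue).'(default)'
            if ($dll) {
                return [Environment]::ExpandEnvironmentVariables($dll.Trim('"'))
            }
        }
    }
    return $null
}

$findings = foreach ($key in $bhoKeys) {
    if (-not (Test-Path $key)) { continue }
    foreach ($sub in Get-ChildItem -Path $key -ErrorAction SilentlyContinue) {
        $clsid = $sub.PSChildName          # CLSID, braces included
        $dll   = Resolve-ClsidServer -Clsid $clsid
        $sig   = if ($dll -and (Test-Path $dll)) {
                     (Get-AuthenticodeSignature -FilePath $dll).Status
                 } else { 'MISSING' }
        $inUserPath = $false
        if ($dll) {
            foreach ($r in $suspiciousRoots) {
                if ($r -and $dll.StartsWith($r, [StringComparison]::OrdinalIgnoreCase)) {
                    $inUserPath = $true
                }
            }
        }
        [pscustomobject]@{
            Hive       = $key.Split(':')[0]
            Clsid      = $clsid
            Dll        = $dll
            Signature  = $sig
            UserPath   = $inUserPath
            # Flag anything unsigned, missing, or loaded from a user-writable path.
            Suspicious = ($sig -ne 'Valid') -or $inUserPath -or (-not $dll)
        }
    }
}

"== Browser Helper Objects =="
$findings | Sort-Object Suspicious -Descending | Format-Table -AutoSize

# The same Uninstall entries the sample enumerates, read the way an
# analyst would to see the software (and security products) it fingerprinted.
"== Installed software (Uninstall keys) =="
Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
                       'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
                       'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*' `
                 -ErrorAction SilentlyContinue |
    Where-Object DisplayName |
    Select-Object DisplayName, DisplayVersion, Publisher |
    Sort-Object DisplayName |
    Format-Table -AutoSize
```

Any BHO row marked Suspicious deserves a closer look: collect the DLL, compare its hash against the sample's dropped files, and remove the CLSID subkey from the Browser Helper Objects key (and the CLSID registration itself) only after the DLL has been preserved for analysis.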

MITRE ATT&CK Enterprise v15

Tasks