General

  • Target

    66d898d1eb64997af705d71a730661a7_JaffaCakes118

  • Size

    131KB

  • Sample

    241021-qq3vjaxdjk

  • MD5

    66d898d1eb64997af705d71a730661a7

  • SHA1

    4bf8d9a670ddce1c2ec358213403080de29109d3

  • SHA256

    aa896098b88a7696f2ee8a40a6a126a4931be3c3bb51f11ae42528a5a23a534a

  • SHA512

    46601b9996a99ff042dc3bd1c092d1a8a0b5d03315d317cba2ad7af1336cae4c52aa48dfbf3ac611f9df99c96fc9b7d2ecead0f0196088c076375cd54d28fe2e

  • SSDEEP

    3072:nPqgPCzJtwY1qYA6OxrFI6VOgxRHwJJolS5jXxE0EhqbZvBWO6F:nPqg7YL0rFI6VpxRHKJo2C0XbU

Malware Config

Targets

    • Modifies WinLogon for persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks