General

  • Target

    66d788b72065f5c83071de2a4c3d8b41_JaffaCakes118

  • Size

    717KB

  • Sample

    241021-qqdweaxcpp

  • MD5

    66d788b72065f5c83071de2a4c3d8b41

  • SHA1

    3cbc3833db16ac2eaae10851da69b974356e0232

  • SHA256

    593253762e6315b8abd3db3e0c045732f26c4cc112c9528e3fe68b659e2cc6ac

  • SHA512

    437cc839779befe05694d82c54ce5579bfa3ff4c3ca685f08c4f5ac83804ff080a9e7dd130712e7d37c5436ea3fa088dbd58afcb30b3b1c8b1b1bf5f99caa7ae

  • SSDEEP

    12288:UKnekrL58CuMZ4XLc6fPKN/plLbrtTlcr/gTELj9EwjGmEkY5cI:9Lin93KN/pRbuYTELpLimEHiI

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
