General

  • Target

    66dc023d71c41cc0b566c4c3babd1edb_JaffaCakes118

  • Size

    1.9MB

  • Sample

    241021-qs7lhaxdpq

  • MD5

    66dc023d71c41cc0b566c4c3babd1edb

  • SHA1

    e2d6099b6d305fcdac909050f6b048586bd9fc03

  • SHA256

    a0472404ac86cc93bd9649f1dd7f41983309df9467a82455922c696d728e50ae

  • SHA512

    99bb7bea952c1aae8de8bdf6c565c8bdbd3842e471b760aa541bf5bdd74bd7a96610a03f6f1c0920bd473faca3e578088807d9a66aa9713e04fa0de6b393a8d1

  • SSDEEP

    49152:Aw7AilovY+Zl2CNjlownx12hn93vymcpd:J7A0ow2tlnnxQ9fyB

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and autofill data.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer; they are loaded into the browser process at start-up, which makes them both a persistence mechanism and a vantage point for tampering with web sessions.

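The signatures above are behaviour rules matched against the sandbox trace. The block below is an added example, not code from the report or from the sandbox, that shows how such rules map raw events to these signature names. The event shape (a list of dicts with `op` and `path`) and the sample trace are constructed for illustration and are assumptions; the registry paths and browser profile file names are the ones each signature refers to.

```python
"""Map a simplified sandbox trace to the behaviour signatures listed in the report."""
import re

# Constructed example trace (assumed shape; not taken from the report above).
SAMPLE_EVENTS = [
    {"op": "file_create", "path": r"C:\Users\victim\AppData\Local\Temp\drop.exe"},
    {"op": "file_create", "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"op": "process_create", "path": r"C:\Users\victim\AppData\Local\Temp\drop.exe"},
    {"op": "image_load", "path": r"C:\Users\victim\AppData\Local\Temp\helper.dll"},
    {"op": "image_load", "path": r"C:\Windows\System32\kernel32.dll"},
    {"op": "file_read", "path": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"op": "file_read", "path": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\x1.default\logins.json"},
    {"op": "reg_set", "path": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Updater"},
    {"op": "reg_query", "path": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Google Chrome\DisplayName"},
    # Placeholder CLSID, constructed for the example.
    {"op": "reg_set", "path": r"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-0000-0000-0000-000000000001}\NoExplorer"},
    {"op": "reg_query", "path": r"HKCU\Control Panel\Desktop\Wallpaper"},  # benign, must not match
]

# Registry rules: (signature name, operations that count, key-path pattern).
REG_RULES = [
    ("Adds Run key to start application", {"reg_set"},
     re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)),
    ("Checks installed software on the system", {"reg_query", "reg_open"},
     re.compile(r"\\Software\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Uninstall\\", re.I)),
    ("Installs/modifies Browser Helper Object", {"reg_set", "reg_create"},
     re.compile(r"\\Software\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\", re.I)),
]

# Browser credential/cookie stores for Chromium-based browsers and Firefox.
BROWSER_DATA = re.compile(
    r"(\\User Data\\[^\\]+\\(Login Data|Web Data|Cookies)$"
    r"|\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite)$)",
    re.I,
)


def match_signatures(events):
    """Return {signature name: [evidence paths]} for the given trace.

    'Dropped' means the file was created by the sample earlier in the same trace;
    executing or loading such a file is what distinguishes the two dropped-file
    signatures from ordinary process/image activity.
    """
    hits = {}
    dropped = set()

    def add(sig, evidence):
        hits.setdefault(sig, []).append(evidence)

    for ev in events:
        op, path = ev["op"], ev["path"]
        low = path.lower()
        if op == "file_create":
            dropped.add(low)
        elif op == "process_create" and low in dropped and low.endswith(".exe"):
            add("Executes dropped EXE", path)
        elif op == "image_load" and low in dropped and low.endswith(".dll"):
            add("Loads dropped DLL", path)
        elif op == "file_read" and BROWSER_DATA.search(path):
            add("Reads user/profile data of web browsers", path)
        elif op.startswith("reg_"):
            for sig, ops, pattern in REG_RULES:
                if op in ops and pattern.search(path):
                    add(sig, path)
    return hits


if __name__ == "__main__":
    for sig, evidence in match_signatures(SAMPLE_EVENTS).items():
        print(sig)
        for item in evidence:
            print("   ", item)
```

The rules are deliberately order-sensitive: a `process_create` or `image_load` only counts as "dropped" if a `file_create` for the same path was already seen, which is how a sandbox separates the sample's own payloads from system DLLs such as kernel32.dll.
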
MITRE ATT&CK Enterprise v15

Tasks