General

  • Target

    66de2d6bccd203662be70ee95cf9c81a_JaffaCakes118

  • Size

    1.1MB

  • Sample

    241021-qvkjraxemj

  • MD5

    66de2d6bccd203662be70ee95cf9c81a

  • SHA1

    b251ef53d841ecbc9df89da45137371279cefa83

  • SHA256

    7f1432e33764c6fabe10ff957b1d8e810321e1702ab9d6db6da691cc5716d517

  • SHA512

    6009cc355ee43eec4955089005bf2c4ef6724eaae73cda0a6f84076c0f7f5ad1eb68c33c585b422a8a44797413293e8493f3020282385dafda05c0877c7d07f4

  • SSDEEP

    24576:h1OYdaOaOBsFEt5hDG0SAMs9jR/jaJnTJdwY68+UhnWb3aQL:h1Os7OEt5hDG0SAMs9j8nTJ2Y68hWGQL

Targets

    • Target

      66de2d6bccd203662be70ee95cf9c81a_JaffaCakes118 (size and hashes as listed under General above)

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly read files from the browser's profile directory, such as saved logins, cookies, session tokens and autofill entries.

    • Checks installed software on the system

      Enumerates the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and its WOW6432Node counterpart) to list the software installed on the system, typically to fingerprint the host or to detect security products.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects and are loaded into every Internet Explorer process (and into Explorer unless the NoExplorer value is set), which lets the DLL observe and alter browsing activity.
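The two registry-based behaviours above (enumerating Uninstall entries and registering a BHO) can be checked on a suspect host from a `reg export` of the relevant hives. The script below is an added example and is not part of the sandbox report: it parses a small registry export constructed here for illustration (the CLSID, `helper.dll` path and application names are invented, not indicators from this sample), resolves each registered BHO to its InprocServer32 DLL, flags DLLs living in user-writable locations, and lists the installed software the sample would have seen. The "user-writable path" heuristic is an assumption of this example, not a rule from the report.

```python
import re

# Constructed registry export (not taken from the sample): one BHO registration
# plus two Uninstall entries, in the text format produced by `reg export`.
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0A1B2C3D-0000-4000-8000-00000000ABCD}]
"NoExplorer"=dword:00000001

[HKEY_CLASSES_ROOT\CLSID\{0A1B2C3D-0000-4000-8000-00000000ABCD}]
@="Example Helper"

[HKEY_CLASSES_ROOT\CLSID\{0A1B2C3D-0000-4000-8000-00000000ABCD}\InprocServer32]
@="C:\\Users\\Public\\helper.dll"
"ThreadingModel"="Apartment"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ExampleApp]
"DisplayName"="Example App"
"DisplayVersion"="1.0.3"
"Publisher"="Example Corp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0000000-0000-0000-0000-000000000001}]
"DisplayName"="Another Tool"
"Publisher"="Example Corp"
'''

BHO_KEY = re.compile(
    r'^HKEY_LOCAL_MACHINE\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows\\CurrentVersion'
    r'\\Explorer\\Browser Helper Objects\\(\{[0-9A-F-]{36}\})$', re.IGNORECASE)
UNINSTALL_KEY = re.compile(
    r'^HKEY_(?:LOCAL_MACHINE|CURRENT_USER)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows'
    r'\\CurrentVersion\\Uninstall\\([^\\]+)$', re.IGNORECASE)
# HKCR is a merged view; an export may carry the CLSID under any of these roots.
CLSID_ROOTS = ('HKEY_CLASSES_ROOT\\CLSID',
               'HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\CLSID',
               'HKEY_LOCAL_MACHINE\\SOFTWARE\\WOW6432Node\\Classes\\CLSID')
# Heuristic (assumption of this example): a BHO DLL in a user-writable
# directory is unusual for legitimately installed software.
USER_WRITABLE = re.compile(r'\\(Users\\Public|AppData|Temp|ProgramData)\\', re.IGNORECASE)


def _unquote(raw):
    """Decode one .reg value: quoted REG_SZ (\\ and \" escapes) or dword:hex."""
    if raw.startswith('"') and raw.endswith('"'):
        return raw[1:-1].replace('\\"', '"').replace('\\\\', '\\')
    if raw.lower().startswith('dword:'):
        return int(raw[6:], 16)
    return raw  # hex:/hex(2): binary data is left undecoded


def parse_reg(text):
    """Return {key_path: {value_name: value}}; '' is the key's default value."""
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(';'):
            continue
        if line.startswith('[') and line.endswith(']'):
            current = line[1:-1]
            keys.setdefault(current, {})
        elif current is not None and '=' in line:
            name, _, value = line.partition('=')
            keys[current]['' if name == '@' else _unquote(name)] = _unquote(value)
    return keys


def _lookup(lower, clsid, suffix=''):
    # Registry paths are case-insensitive, so compare lower-cased.
    for root in CLSID_ROOTS:
        values = lower.get((root + '\\' + clsid + suffix).lower())
        if values is not None:
            return values
    return {}


def find_bhos(keys):
    """Resolve every registered BHO CLSID to its name and InprocServer32 DLL."""
    lower = {k.lower(): v for k, v in keys.items()}
    found = []
    for path in keys:
        m = BHO_KEY.match(path)
        if not m:
            continue
        clsid = m.group(1).upper()
        dll = _lookup(lower, clsid, '\\InprocServer32').get('', '')
        found.append({'clsid': clsid, 'name': _lookup(lower, clsid).get('', ''),
                      'dll': dll, 'suspicious': bool(dll) and bool(USER_WRITABLE.search(dll))})
    return found


def installed_software(keys):
    """Mimic the 'Checks installed software' behaviour: Uninstall entries with a DisplayName."""
    apps = []
    for path, values in keys.items():
        m = UNINSTALL_KEY.match(path)
        if m and 'DisplayName' in values:
            apps.append({'key': m.group(1), 'name': values['DisplayName'],
                         'version': values.get('DisplayVersion', ''),
                         'publisher': values.get('Publisher', '')})
    return sorted(apps, key=lambda a: a['name'].lower())


if __name__ == '__main__':
    reg = parse_reg(SAMPLE_REG)
    for bho in find_bhos(reg):
        print(f"BHO {bho['clsid']} {bho['name']!r} -> {bho['dll']}"
              f" [{'SUSPICIOUS' if bho['suspicious'] else 'ok'}]")
    for app in installed_software(reg):
        print(f"{app['name']} {app['version']} ({app['publisher']})")
```

On a real host, export the hives with `reg export HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects bho.reg` and `reg export HKCR\CLSID clsid.reg`, concatenate them, and feed the text to `parse_reg`; on 64-bit Windows also export the WOW6432Node paths, which the patterns above already accept.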
