General

  • Target

    670b3ae332d4996a3215b1b0bd8bb68f_JaffaCakes118

  • Size

    725KB

  • Sample

    241021-s4cavaybrh

  • MD5

    670b3ae332d4996a3215b1b0bd8bb68f

  • SHA1

    8defba4a6a75abc7c5fe05ca5a60035a5b1a334f

  • SHA256

    0a497e8024245b458b633423f74a90e83a3eea7c83c1a3e6e28b12092f5f102e

  • SHA512

    f8cba9aa2ad252cd2c1fd810d3deb9cd1d14c6d25533645aa1217e4ba8eafaaf993ed196f1eb314c9bbce086bd7d6cf98afaee972af0bc9eaef5911df75dcaed

  • SSDEEP

    12288:h1OgLdaOIo99/rsFEt5hDG0SAMs9jR/jeRJKu9TJdwYGZtyjTje5jOSpJ3:h1OYdaOIOBsFEt5hDG0SAMs9jR/jaJnW

Malware Config

Targets

    • Target

      670b3ae332d4996a3215b1b0bd8bb68f_JaffaCakes118

    • Size

      725KB

    • MD5

      670b3ae332d4996a3215b1b0bd8bb68f

    • SHA1

      8defba4a6a75abc7c5fe05ca5a60035a5b1a334f

    • SHA256

      0a497e8024245b458b633423f74a90e83a3eea7c83c1a3e6e28b12092f5f102e

    • SHA512

      f8cba9aa2ad252cd2c1fd810d3deb9cd1d14c6d25533645aa1217e4ba8eafaaf993ed196f1eb314c9bbce086bd7d6cf98afaee972af0bc9eaef5911df75dcaed

    • SSDEEP

      12288:h1OgLdaOIo99/rsFEt5hDG0SAMs9jR/jeRJKu9TJdwYGZtyjTje5jOSpJ3:h1OYdaOIOBsFEt5hDG0SAMs9jR/jaJnW

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks