General

  • Target

    82c38fe8b2bf8f194fcf15b5a826a298_JaffaCakes118

  • Size

    121KB

  • Sample

    241031-m46lssxcnp

  • MD5

    82c38fe8b2bf8f194fcf15b5a826a298

  • SHA1

    4d6abab8e9253a35e0b4fcb1c6c0efa92b05a878

  • SHA256

    1e5501dd48ef76ed07378e92225483a3bf006ed53259081b179e06006152e064

  • SHA512

    2007ddbfca5d30d4c340c2bbda228a533af8ccaf2d0179bb3ecbed34d174b9b8d815f9f998a230086039ac87e6eb80bfc516d6beb79af21ff8d0a59a0c9f8b58

  • SSDEEP

    3072:goaEusF4LTVd/dxZX8LA4RYb9Vj+FpKebixx3eePikYSm2ziqz5f9:guoNDv8/diewcS7zt

Targets

    • Target

      82c38fe8b2bf8f194fcf15b5a826a298_JaffaCakes118

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Accesses Microsoft Outlook profiles

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.