General

  • Target

    8a478cfe8dc3bd591e285c9eecc29511_JaffaCakes118

  • Size

    1.2MB

  • Sample

    241103-h86p5sydja

  • MD5

    8a478cfe8dc3bd591e285c9eecc29511

  • SHA1

    be3c2047dfdeadfd0e084abbed49f0009f66925f

  • SHA256

    eb10601d1d837a87413522ef8008af7306f79ee79117d46633b948b0c04f0773

  • SHA512

    32b16a0e4c2872d916a61ceff563f84d0f9e761ead0351d5f8fec0dcf9b872728637e0d34d751f840ca7d1563c325b7ba2b2c66aa3409add2a6e9677c3a94b0f

  • SSDEEP

    24576:bXYXdpmJhNi2rFEi/GeDAL53+1g32e9Q6yjxESilkt6cNBam:bXSpm9eie53++Rtyukt6cNr

Malware Config

Targets

    • Target

      Config/pwcheck.exe

    • Size

      3.3MB

    • MD5

      6a38f2cd50b05cc2c384d47f5a8fc13d

    • SHA1

      db8de0666e906f1d2249da1504e4b841cd943105

    • SHA256

      0de9bd650fbbd1870bbdadd2a78deeada61b40335a106af73d4d8484d14c363b

    • SHA512

      3b5bbcde586f47cb3cf22750debb6bd00ab0a18871b78dc6d4b36dc51a1d7a4f4e6661694a5b354fd64cf2b884a9e068978f29cc6a3b11ed2b481a530a56c27f

    • SSDEEP

      49152:p3INxQ7tqTvzUYeufB7kh4KA0BqgbHpgZ2YNZ/SZDiAbGJqT5+GP:p+gCzUYeufB7kh4KA0BqgHpgZdHqWA

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Accesses Microsoft Outlook accounts

    • Accesses Microsoft Outlook profiles

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Target

      PWAuto.exe

    • Size

      309KB

    • MD5

      afb0579900edc570df1393d06f5ad682

    • SHA1

      e69e0af42a4fa5e1d3a724a338dcbf32c0f0179d

    • SHA256

      ffdedeab2724f4c3b9596d8c068026d6897bf8d50ede8d11627da285db24da31

    • SHA512

      071d52fbc102d3fee50016222c8cb4f3075136bacd61a66d763153aa8d8732dca1ef889cd2901ef68cf60083cddd6092c14eba37d05aaaf60920f780e65a2e7e

    • SSDEEP

      3072:1xZaOGXkWDxEfSR0H5tnSBaYAFilesrWcBBcIpSbYf2j2Fzi8Igmzp2yNpovdo8S:BLsNSAAvnt9JcJf2jKzKl3oO8w

    • Score

      6/10

MITRE ATT&CK Enterprise v15

Tasks