General

  • Target

    8f3f231e4ef19be1b0f75080c74d0539_JaffaCakes118

  • Size

    1.3MB

  • Sample

    241104-fhpmtswrhp

  • MD5

    8f3f231e4ef19be1b0f75080c74d0539

  • SHA1

    c6849956a3225024855468ae68663e4492e4412d

  • SHA256

    18291e4229371a703af2a043f91c0b98d84612ae566c91f23cd30719c7ffcfda

  • SHA512

    8d6feadc9f5440f61cae1684ba505d8f1e7289a156d71a826e61c241b1243cca43ed8154c99851395ed50f8f925b0668d1ab974bfbf92d56c949adb3bc652ec6

  • SSDEEP

    24576:g33RSdYIE20sCYUQxEnZ4NGAARdYRUuLHEwpzxz0DLacT06:gnRSdksCYiZ6AuLHEwpdz0DucT5

Malware Config

Targets

    • Target

      8f3f231e4ef19be1b0f75080c74d0539_JaffaCakes118

    • Size

      1.3MB

    • MD5

      8f3f231e4ef19be1b0f75080c74d0539

    • SHA1

      c6849956a3225024855468ae68663e4492e4412d

    • SHA256

      18291e4229371a703af2a043f91c0b98d84612ae566c91f23cd30719c7ffcfda

    • SHA512

      8d6feadc9f5440f61cae1684ba505d8f1e7289a156d71a826e61c241b1243cca43ed8154c99851395ed50f8f925b0668d1ab974bfbf92d56c949adb3bc652ec6

    • SSDEEP

      24576:g33RSdYIE20sCYUQxEnZ4NGAARdYRUuLHEwpzxz0DLacT06:gnRSdksCYiZ6AuLHEwpdz0DucT5

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens, autofill data and browsing history.

    • Checks whether UAC is enabled
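
The four behaviour signatures above are what a sandbox derives from the file, registry and process trace of the run. The following is an added example, not part of this report or of the sandbox's own signature engine, that applies the same four checks to a trace: reads of browser credential and profile stores under the usual Chromium and Firefox profile directories, a query of the `EnableLUA` value under `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System` (the value that records whether UAC is enabled), and execution or loading of a file that the trace itself wrote earlier. The `pid|operation|target` event format and the event lines themselves are constructed for the example and are not taken from this sample's run.

```python
"""Map a constructed sandbox event trace onto the behaviour signatures
listed in this report. Added example; the event format and the sample
events are assumptions, not data from the report."""
import re

# Browser credential/profile stores that infostealers commonly read
# (file names compared case-insensitively).
BROWSER_PROFILE_FILES = {
    # Chromium family (Chrome, Edge, Brave, ...)
    "login data", "cookies", "web data", "history", "local state",
    # Firefox
    "logins.json", "key4.db", "cookies.sqlite", "places.sqlite",
}
# Only count a matching file name when it sits inside a browser profile tree.
BROWSER_DIR_MARKERS = ("\\google\\chrome\\", "\\microsoft\\edge\\",
                       "\\bravesoftware\\", "\\chromium\\", "\\mozilla\\firefox\\")

# UAC state lives in this value; EnableLUA == 0 means UAC is turned off.
UAC_VALUE_PATH = r"hklm\software\microsoft\windows\currentversion\policies\system\enablelua"

# Report labels for each internal signature key.
LABELS = {
    "executes_dropped_exe": "Executes dropped EXE",
    "loads_dropped_dll": "Loads dropped DLL",
    "reads_browser_profile_data": "Reads user/profile data of web browsers",
    "checks_uac_enabled": "Checks whether UAC is enabled",
}

# Assumed trace format: pid|operation|target, one event per line.
EVENT_RE = re.compile(r"^(?P<pid>\d+)\|(?P<op>[a-z_]+)\|(?P<target>.+)$")

# Constructed events (not from this sample's run). Raw string, so the
# Windows paths keep single backslashes.
SAMPLE_EVENTS = r"""
4512|file_read|C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data
4512|file_read|C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2z3.default\logins.json
4512|file_read|C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\x1y2z3.default\key4.db
4512|file_read|C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Bookmarks
4512|reg_query|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA
4512|file_write|C:\Users\victim\AppData\Local\Temp\svc_update.exe
4512|file_write|C:\Users\victim\AppData\Local\Temp\helper.dll
5120|process_create|C:\Users\victim\AppData\Local\Temp\svc_update.exe
5120|image_load|C:\Users\victim\AppData\Local\Temp\helper.dll
5120|image_load|C:\Windows\System32\kernel32.dll
"""


def parse_event(line):
    """Return (pid, op, target) or None for a blank/malformed line."""
    m = EVENT_RE.match(line.strip())
    return (m.group("pid"), m.group("op"), m.group("target")) if m else None


def is_browser_profile_read(op, target):
    """Read of a known credential/profile store inside a browser profile tree."""
    if op != "file_read":
        return False
    t = target.lower()
    name = t.rsplit("\\", 1)[-1]
    return name in BROWSER_PROFILE_FILES and any(m in t for m in BROWSER_DIR_MARKERS)


def is_uac_check(op, target):
    return op == "reg_query" and target.lower() == UAC_VALUE_PATH


def triage(events_text):
    """Return {signature_key: [matching event lines]} for the whole trace."""
    hits = {key: [] for key in LABELS}
    dropped = set()  # paths written during the trace; later use marks them "dropped"
    for line in events_text.splitlines():
        ev = parse_event(line)
        if ev is None:
            continue
        _pid, op, target = ev
        key = target.lower()
        if op == "file_write":
            dropped.add(key)
        elif op == "process_create" and key in dropped and key.endswith(".exe"):
            hits["executes_dropped_exe"].append(line)
        elif op == "image_load" and key in dropped and key.endswith(".dll"):
            hits["loads_dropped_dll"].append(line)
        elif is_browser_profile_read(op, target):
            hits["reads_browser_profile_data"].append(line)
        elif is_uac_check(op, target):
            hits["checks_uac_enabled"].append(line)
    return {k: v for k, v in hits.items() if v}


def report(events_text):
    """Sorted report-style labels of the signatures that fired."""
    return sorted(LABELS[k] for k in triage(events_text))


if __name__ == "__main__":
    for label in report(SAMPLE_EVENTS):
        print(label)
```

The "dropped" checks are order-sensitive by design: a file only counts as dropped if the trace wrote it before it was executed or loaded, which is why `Bookmarks` (not a credential store) and `kernel32.dll` (never written by the sample) do not fire. A real trace would also carry the writing process's identity, which the example parses but does not need for these four signatures.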

MITRE ATT&CK Enterprise v15

Tasks