General

  • Target

    aaadc3682c3878ad3248752370d7e37d_JaffaCakes118

  • Size

    371KB

  • Sample

    241128-c6c26axpfj

  • MD5

    aaadc3682c3878ad3248752370d7e37d

  • SHA1

    4b38697fe078453445aae8989af30757fe03f8cb

  • SHA256

    b12b68fca3e63ed129254c48715f08ff1966a815614c5f58e3922dcf5bd7bc54

  • SHA512

    ca775c981c456b2415b44337a8f8d3b96479e716bb995e3ecd638607e654a99ac331913ec8bd011c37c9ec4f98173f437746e21f3471ee64db1960c2bfa4ee04

  • SSDEEP

    6144:fweIQjWjG5FcdhP52YIvHkvCBDIfT6/nEyecsXGyWB2MXCwaauPYLi1G6UDsDQcG:f4G+B2YDUUf+icsWuMXCbpPQBGtyEs

Targets

    • Target

      aaadc3682c3878ad3248752370d7e37d_JaffaCakes118

    • ISR Stealer

      ISR Stealer is a modified version of Hackhound Stealer written in Visual Basic.

    • ISR Stealer payload

    • Isrstealer family

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Suspicious use of SetThreadContext

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
