General

  • Target

    b4ed4ab8018a303d08aebea1b1e94e25_JaffaCakes118

  • Size

    5.6MB

  • Sample

    241130-ftx4catpfz

  • MD5

    b4ed4ab8018a303d08aebea1b1e94e25

  • SHA1

    ae7d0d38e1b418bfa3f653917924aee3023bda08

  • SHA256

    a49e4647440419abdf361c7693d157dc0a8db5ab5d0c59bea65cc0bce2babcf8

  • SHA512

    c0ded4ee2a36e593521e8bb68111950679b85aa96ce1718b2e74aa2c4e215c937e1ff0406040550da1945dba27dd724d79b5e5d7c5dcdc29b0156595b40e38dd

  • SSDEEP

    49152:4rOO53RTqtiwmDtarhbuRKwpBk7to4SL4LLseIgekI:4rOO53QCOHC4mo1ekI

Malware Config

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile data.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks