General

  • Target

    b4f2fd683d85b9524e40ab859bdfefd5_JaffaCakes118

  • Size

    1.0MB

  • Sample

    241130-fy3vdsynem

  • MD5

    b4f2fd683d85b9524e40ab859bdfefd5

  • SHA1

    26a85aefaff63854dafd033d537df05dd4de3491

  • SHA256

    31387352fcff5f4793a49cc817a8d51d9bd06789c1efdca267fb68bc6b383a96

  • SHA512

    ee9b79d2b1269a909ce09d132865ea47d0ce61d77c194c7a9506758144e5d9c7a2e25b789592a108d800a49f12a59811297a278ef7e4c27ebb92c42cff11bd71

  • SSDEEP

    24576:PLimcgTp6Gy8pRyeBu44s76/cxgND387DBKyLYO:PLkgTrtDyZ4446/cxgNELYO

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.
