General
-
Target
d6a1ab2daea41e90484caec2a4d67afc_JaffaCakes118
-
Size
8.7MB
-
Sample
241208-msc54swlcl
-
MD5
d6a1ab2daea41e90484caec2a4d67afc
-
SHA1
4b802190601bcf4a16bac79b2d92b8bd05a5470b
-
SHA256
630bcd397047e705dcef03a42ffeff2646dd00c41a91615f0de48354131c78fe
-
SHA512
4288d3babc19661cc4e4b1e3b2521c8db72b5e02480190d1e172f09c7b0c9c4ca0eddb42ee61e0bb7c1eade7fe8a0c6949e92570f6662ea23a8558ec7571ea9d
-
SSDEEP
196608:WQR0skDgPH8TKHnp125eUDJMlLCUu+2763PoyR:WQR7pcT3AUFMhCUu+2oPoM
Static task
static1
Behavioral task
behavioral1
Sample
d6a1ab2daea41e90484caec2a4d67afc_JaffaCakes118.exe
Resource
win7-20241010-en
Malware Config
Targets
-
-
Target
d6a1ab2daea41e90484caec2a4d67afc_JaffaCakes118
-
Detects Echelon Stealer payload
-
Echelon family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
MITRE ATT&CK Enterprise v15
Credential Access
Credentials from Password Stores: 1
Credentials from Web Browsers: 1
Unsecured Credentials: 1
Credentials In Files: 1