General

  • Target

    JaffaCakes118_aea5dba2baa53025bc26c27a8aef623653dcfdb7df1e7e77aade8c58da52b0f6

  • Size

    305KB

  • Sample

    241222-z1xwpszkem

  • MD5

    92ed61c0672bbd886427a126f856df68

  • SHA1

    2853b10a51ce7e1bfaf162512e91c00b264821c7

  • SHA256

    aea5dba2baa53025bc26c27a8aef623653dcfdb7df1e7e77aade8c58da52b0f6

  • SHA512

    9997cf62fe2a8a5d63c1f0e149664055be25bb38b86a88dccad08354368bbf68291260bf07da18639683b4dfacc6ca510408584dcae15b49212a1ccba4c86b4a

  • SSDEEP

    6144:/YTlE4T40wDc5fBetGBV3v1NqlVC+xO6zoiP0bBnijlDQY7CdU8oA:Ne40wDc50G2W+xO6zoiP2BCDQYuUS

Malware Config

Targets

    • Target

      f593b73c91003518c20cdc8be04f3a1f8a68ca3ded04700f675a543ac278ab07.exe

    • Size

      353KB

    • MD5

      dba9c11e2f0b6a3ded91c9c87ce79f72

    • SHA1

      6b4b47cd1f9ed1aefe209a40f9c54c1e16db25d6

    • SHA256

      f593b73c91003518c20cdc8be04f3a1f8a68ca3ded04700f675a543ac278ab07

    • SHA512

      019009734e53f03eed7f42f638983fd06728fa84844021ae79e3b2bdccc4b0b2701f2779bebde466c327363d0637df9f50bebb253d39a70eec63ba19be9cac12

    • SSDEEP

      6144:I/Bg80VmNTBo/x95ZjAetGDN3VFNq7pC+9OqFoK30b3ni5rdQY/CdUOs2:I/s4NTS/x9jNG+w+9OqFoK323qdQYKUG

    • Mimikatz

      mimikatz is an open source tool to dump credentials on Windows.

    • Mimikatz family

    • mimikatz is an open source tool to dump credentials on Windows.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks