General

  • Target

    JaffaCakes118_a1e968cfad91263906ae00d07f775b1338adf1b22defd8bf67d3600c18f637e2

  • Size

    325KB

  • Sample

    241224-bsm5jaxpcx

  • MD5

    9d3c436cfd5420feee4b4d62b0c3c6c5

  • SHA1

    89fef0403582a14bbc9969ad19e54af441923d72

  • SHA256

    a1e968cfad91263906ae00d07f775b1338adf1b22defd8bf67d3600c18f637e2

  • SHA512

    89877393db8982bef3d3c8975045ae6beb06dd83a3ab7e080d062ff30516a36744ffdacfcc51548525535e9d5c10496a814bb7331cc9a487e35c93b78cac21fd

  • SSDEEP

    6144:ssO8jOe16EeqNfpn+oigloI585/xn50kauC/TvXRsPb4+iOEz:ss3z14ahlovfn5TauQTfRtx

Malware Config

Targets

    • Target

      2027dd3db9670636d9268c9a39b6cd6a40af8256444db41b6b295a421b1a1a3e.bin.sample

    • Size

      366KB

    • MD5

      1faa210f14acf27e2f8fc144d2f9f540

    • SHA1

      0742a42f0e3234473602a056eccd02f29427037a

    • SHA256

      2027dd3db9670636d9268c9a39b6cd6a40af8256444db41b6b295a421b1a1a3e

    • SHA512

      7bab21321bcab8cc88485ec717cdf5d31b3f52a860106e78292526d3ce3cceff1698464090b1671a67b743af81f666279d234832176581201e4979aeaea1b598

    • SSDEEP

      6144:PLh5iWs5gArF3LDd84ESQoCGhWg2ZQkyDfTbjfyLX1WYaaGM6BtT2:PN5iWs5gZ4E6CyWgcQBzvja4YaaUtT2

    • Mimikatz

      mimikatz is an open source tool to dump credentials on Windows.

    • Mimikatz family

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

MITRE ATT&CK Enterprise v15

Tasks