Overview

overview

10

Static

static

3

JaffaCakes...ad.exe

windows7-x64

10

JaffaCakes...ad.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_7319d5f565a479b81be5ad569e1d28ad

  • Size

    841KB

  • Sample

    250107-w9xqhsvngl

  • MD5

    7319d5f565a479b81be5ad569e1d28ad

  • SHA1

    f1bb910247d8c574282f721226f36c2261c2ba39

  • SHA256

    48ca62cc6c30606d251c4854994fc2ab4291b2397f8909c78bca81c236dd0d21

  • SHA512

    6dd06e8813b9438a7b961c915732f292ef08005e7635c3db083a8c827346ff3b1be949040ea7d0194bd69cf4012892c5386f9a7f756b6dba12dc346865da9f2b

  • SSDEEP

    12288:TU29hEYJ3bupD50ay4/hEKkFk/SosM5a1vt+PiCKBikzUtA0skzI2Dx4e4VhHeRT:vEYspD50al7cdc5a1VbIJwq

Score
10/10
44caliberspywarestealer

Malware Config

Targets

    • Target

      JaffaCakes118_7319d5f565a479b81be5ad569e1d28ad

    • Size

      841KB

    • MD5

      7319d5f565a479b81be5ad569e1d28ad

    • SHA1

      f1bb910247d8c574282f721226f36c2261c2ba39

    • SHA256

      48ca62cc6c30606d251c4854994fc2ab4291b2397f8909c78bca81c236dd0d21

    • SHA512

      6dd06e8813b9438a7b961c915732f292ef08005e7635c3db083a8c827346ff3b1be949040ea7d0194bd69cf4012892c5386f9a7f756b6dba12dc346865da9f2b

    • SSDEEP

      12288:TU29hEYJ3bupD50ay4/hEKkFk/SosM5a1vt+PiCKBikzUtA0skzI2Dx4e4VhHeRT:vEYspD50al7cdc5a1VbIJwq

    Score
    10/10
    44caliberspywarestealer

    • 44Caliber

      An open source infostealer written in C#.

      stealer44caliber

    • 44Caliber family

      44caliber

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks