General

  • Target

    JaffaCakes118_62b6f78cf74cdf441960405f2b08740a

  • Size

    636KB

  • Sample

    250115-1ly1wswket

  • MD5

    62b6f78cf74cdf441960405f2b08740a

  • SHA1

    e7eedaa5d9a2c32caae9efce5154097fad382a4b

  • SHA256

    6af971d9aa97faf349a34dd7e0e8c9a47796a8b3bfe8a55794a9f5a2042cd071

  • SHA512

    8606d8ea9adee1f493d27a90985722f710d7cac3650214f5c3e4696fc1ba841d91a096348e800fa6d9ee107a3ade1c522b5ae9f0cf165e066a1ded6d0d629623

  • SSDEEP

    12288:CXsETlBnPVibcHXn+XrKiE9DamsHaEcdrVQilrJQwhe9aEAyvUCk:msEJR8bwfUH8rVQilrmwA9E

Targets

    • Target

      JaffaCakes118_62b6f78cf74cdf441960405f2b08740a

    • Credentials from Password Stores: Windows Credential Manager

      Suspicious access to the Credentials History (the DPAPI CREDHIST file), which is needed to decrypt master keys protected under earlier user passwords and so recover stored credentials.

    • Reads user/profile data of web browsers

      Infostealers commonly read stored browser profile data, which can include saved credentials, cookies and autofill data.

    • Adds Run key to start application

      Persistence: writes a value under a Software\Microsoft\Windows\CurrentVersion\Run key so the executable is launched at user logon.

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX build. Packing hides strings and imports until the file is unpacked; modified builds often change the section names or headers so that stock `upx -d` no longer works.
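The three runtime signatures above (Credential Manager access, browser profile reads, Run key persistence) can be expressed as detection logic over endpoint telemetry. The following is an added example and not part of the sandbox report or its signature set: it applies path rules to constructed Sysmon-style records (the event field names, process paths, file names and SID are invented for the demonstration). It also adds a caveat the report does not state: a browser reading its own profile is normal, so the browser rule excludes the browser processes themselves.

```python
"""Behavioural detection for the report's runtime signatures, run over constructed
Sysmon-style event records (one dict per event: kind, acting image, target object)."""
import re

# Persistence: Run key under HKCU or HKLM (also catches the Wow6432Node variant).
RUN_KEY = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Run\\", re.I)
# Credential Manager vault blobs and the DPAPI credential history file (CREDHIST).
CRED_STORE = re.compile(r"\\Microsoft\\(?:Credentials\\|Protect\\CREDHIST$)", re.I)
# Browser profile files holding saved logins, cookies and autofill data.
BROWSER_DATA = re.compile(
    r"\\(?:Google\\Chrome|Microsoft\\Edge)\\User Data\\[^\\]+\\(?:Network\\)?"
    r"(?:Login Data|Cookies|Web Data)$"
    r"|\\Mozilla\\Firefox\\Profiles\\[^\\]+\\(?:logins\.json|key4\.db|cookies\.sqlite)$",
    re.I)
# The browsers themselves legitimately read their own profiles; do not alert on them.
BROWSER_IMAGES = {"chrome.exe", "msedge.exe", "firefox.exe"}

# CONSTRUCTED sample telemetry (paths, SID and file names are invented for the demo).
SAMPLE = r"C:\Users\victim\AppData\Local\Temp\sample.exe"
SID = r"HKU\S-1-5-21-1004336348-1177238915-682003330-1001"
EVENTS = [
    {"event": "RegistryValueSet", "image": SAMPLE,
     "target": SID + r"\Software\Microsoft\Windows\CurrentVersion\Run\svchost"},
    {"event": "FileAccess", "image": SAMPLE,
     "target": r"C:\Users\victim\AppData\Roaming\Microsoft\Protect\CREDHIST"},
    {"event": "FileAccess", "image": SAMPLE,
     "target": r"C:\Users\victim\AppData\Local\Microsoft\Credentials\0123456789ABCDEF0123456789ABCDEF"},
    {"event": "FileAccess", "image": SAMPLE,
     "target": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    # Benign: Chrome reading its own profile.
    {"event": "FileAccess", "image": r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     "target": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    # Benign: an unrelated registry write by Explorer.
    {"event": "RegistryValueSet", "image": r"C:\Windows\explorer.exe",
     "target": SID + r"\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden"},
]


def image_name(path: str) -> str:
    """Return the lowercase file name of a Windows image path."""
    return path.rsplit("\\", 1)[-1].lower()


def detect(events: list) -> list:
    """Return one finding per event that matches a rule; findings keep the acting image
    so an analyst can pivot from the rule to the process and its parent."""
    findings = []
    for ev in events:
        kind, image, target = ev["event"], ev["image"], ev["target"]
        rule = None
        if kind == "RegistryValueSet" and RUN_KEY.search(target):
            rule = "run_key_persistence"
        elif kind == "FileAccess" and CRED_STORE.search(target):
            rule = "credential_manager_access"
        elif (kind == "FileAccess" and BROWSER_DATA.search(target)
              and image_name(image) not in BROWSER_IMAGES):
            rule = "browser_profile_read"
        if rule:
            findings.append({"rule": rule, "image": image, "target": target})
    return findings


if __name__ == "__main__":
    for f in detect(EVENTS):
        print(f"{f['rule']:26} {f['image']} -> {f['target']}")
```

The rules are deliberately narrow path matches; in production they should be joined to process-creation events so that an unsigned binary in %TEMP% touching these paths scores higher than a signed browser updater.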

MITRE ATT&CK Enterprise v15
