General

  • Target

    JaffaCakes118_64dbfab407726ed673ef4f6c0d9990db

  • Size

    1.6MB

  • Sample

    250115-3mt5fa1ngn

  • MD5

    64dbfab407726ed673ef4f6c0d9990db

  • SHA1

    43974782226da5c06a29f945709426b8fb0d63e4

  • SHA256

    10bd26571e48223a5bb1fd33af82858c8c56c2b524d7193669fd746b3bc6c691

  • SHA512

    a7a1a25ec2f7d754cf017a2d16c79d25eb9e755ac8d26d346656fb21645fb74462f8a4d0359bc149525f7b78bccbf7666e1fda572982d3721e14d6f4e757afdd

  • SSDEEP

    49152:tHf9VQRRqvelYDVPddMgGuL83/YfTq0rj:tlVSgdDJM3w9

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks