General

  • Target

    JaffaCakes118_64ed42587e4117933b5171ac6ad8f956

  • Size

    112KB

  • Sample

    250115-3p67sa1pel

  • MD5

    64ed42587e4117933b5171ac6ad8f956

  • SHA1

    5e462a5f40ece37aa0ff4d88d145954ea07da047

  • SHA256

    2c8d25869c69b6d8f3feb99136c228c4eaf00cc9a349c29630cb1aee566eda14

  • SHA512

    9bbed91e5e9e02d05cd6c22cc184b1185b0ba195add3f5576c8f7a59ff244306255467b75654c96fdeec73af9ef7d928a141591c31b7bf8f000e1f22cbd90526

  • SSDEEP

    1536:oMg97otv4lQg8HN/9SGJSMoLeuUi2cF4DfQKRx50KVT4iKEFXvxKqHs:o2tv7twG1oLZFMfQeN/Xey

Malware Config

Targets

    • Grants admin privileges

      Uses net.exe to modify the user's privileges.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Network Service Discovery

      Attempts to gather information on the host's network.

    • Network Share Discovery

      Attempts to gather information on the host's network shares.

    • Enumerates processes with tasklist

MITRE ATT&CK Enterprise v15

Tasks