General

  • Target

    JaffaCakes118_64fcfcd899f55865213fa443809736f9

  • Size

    1.6MB

  • Sample

    250115-3ralla1phq

  • MD5

    64fcfcd899f55865213fa443809736f9

  • SHA1

    2feec0432659eb772216cb593ba5ab4a91049686

  • SHA256

    2396a424ad028e712aa019c4a1c9f4ff563ff7dc44511196ac9b1e363b36ab27

  • SHA512

    df555718c5d8d954cde6b33909325d9c791690525dab6ba47c3f30d094296d52550605d7028b034e0ef4336a974676433ff32699c3882924bc330a764ed56aeb

  • SSDEEP

    49152:3qfouESz1iwMTcimKjAp3lgPRgXFT6LrA:3luviwuci5RgXN

Targets

    • Target

      JaffaCakes118_64fcfcd899f55865213fa443809736f9

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks whether UAC is enabled
