General

  • Target

    JaffaCakes118_5b25ecffdc48ae7d048a6d4350d1ceee

  • Size

    581KB

  • Sample

    250115-s49w4sxje1

  • MD5

    5b25ecffdc48ae7d048a6d4350d1ceee

  • SHA1

    eadca81d525ee13f74b183e4135bbe923f19978e

  • SHA256

    4d862f4bee39a55862f7ffa6d7b22b9e6a368c06dc7a9fa03e23094622e74931

  • SHA512

    55902eedecc19833c88beca176192a43e7fa24b1c2f1c4e5d0feb5fde747507c3ae45448c12f63b0129d78624bc39e0ee1dd4fae68ea412e46c16982bf94d321

  • SSDEEP

    12288:v9d1Yco+gunfCEAWfykqVNeN24e6cJN6WSEizWYb:VdCZunjaVNeN2Z0Kk

Targets

    • Detected Nirsoft tools

      Free utilities often used by attackers which can steal passwords, product keys, etc.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
