General

  • Target

    JaffaCakes118_5d1ba3f5f661b19359c61da6ef3b782d

  • Size

    1.9MB

  • Sample

    250115-vpn27sypdz

  • MD5

    5d1ba3f5f661b19359c61da6ef3b782d

  • SHA1

    f2c561cbde240bc75980a71f6fb718dbf5f6b69a

  • SHA256

    7ea03fe467d81de4b79d27130b78f2edbf926a99cf7deed8a7e48c5190ca3fd5

  • SHA512

    f946242585801862708bd588558c1cf86c7fe3778bbf9588bca3b15300b6af1b71b8984e19561cd3f7c97e48bfe8a7e3fe383436571dbeeb7ff9d6bcda3e105d

  • SSDEEP

    49152:sb8QbBnW5oGvmx4UJASuA4wDinashps9AzV1pCh9mLsGb:zSBnW5d+lub3asPs9S7pcr2

Targets

    • Target

      JaffaCakes118_5d1ba3f5f661b19359c61da6ef3b782d

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest the data browsers keep in the user profile, such as saved credentials, cookies and autofill entries.

    • Adds Run key to start application

      Writes a value under a CurrentVersion\Run key (HKCU or HKLM) so the program is launched again at logon; a common persistence mechanism.

    • Checks installed software on the system

      Enumerates the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and the HKCU equivalent), where installed programs register themselves, to inventory software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are COM DLLs that Internet Explorer loads into every browser process as plugins; they are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects, which gives a malicious module access to the user's browsing sessions.
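The behaviours flagged above (dropped EXE executed, dropped DLL loaded, Run-key persistence, BHO registration) are all visible in endpoint registry and file telemetry. The following is an added example, not part of the sandbox report and not code from the sample's analysis: detection logic in Python run over a few constructed Sysmon-style events. The event records, paths, SID and CLSID are invented for illustration; Event IDs follow Sysmon's convention (1 process create, 7 image load, 11 file create, 13 registry value set). The ordering rule (a path only counts as "dropped" after a file-create event for it has been seen) avoids flagging pre-existing files in temp directories.

```python
"""Detect the report's behaviour signatures in Sysmon-style event records.

Added example; the events below are constructed and do not come from the sample.
"""
import re

# Signature names taken from the report.
SIGNATURES = (
    "Executes dropped EXE",
    "Loads dropped DLL",
    "Adds Run key to start application",
    "Installs/modifies Browser Helper Object",
)

# Locations a normal user can write to; a Run value pointing here is suspicious,
# whereas one pointing into C:\Windows or C:\Program Files usually is not.
USER_WRITABLE = re.compile(r"^[A-Za-z]:\\(Users|ProgramData)\\", re.IGNORECASE)
# Run / RunOnce under any hive (HKLM\SOFTWARE\... or HKU\<SID>\Software\...).
RUN_KEY = re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
# BHO registration: a CLSID subkey under Explorer\Browser Helper Objects.
BHO_KEY = re.compile(r"\\Explorer\\Browser Helper Objects\\\{[0-9A-Fa-f-]{36}\}", re.IGNORECASE)
EXEC_EXT = (".exe", ".dll", ".scr", ".com")

# Constructed events (hypothetical paths, SID and CLSID).
SID = r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
TEMP = r"C:\Users\victim\AppData\Local\Temp"
SAMPLE_EVENTS = [
    {"EventID": 1, "ProcessGuid": "{A}",
     "Image": r"C:\Users\victim\Downloads\JaffaCakes118_5d1ba3f5f661b19359c61da6ef3b782d.exe"},
    {"EventID": 11, "ProcessGuid": "{A}", "TargetFilename": TEMP + r"\svc_helper.exe"},
    {"EventID": 11, "ProcessGuid": "{A}", "TargetFilename": TEMP + r"\bho_plugin.dll"},
    {"EventID": 1, "ProcessGuid": "{B}", "Image": TEMP + r"\svc_helper.exe"},
    {"EventID": 7, "ProcessGuid": "{B}", "ImageLoaded": TEMP + r"\bho_plugin.dll"},
    {"EventID": 13, "ProcessGuid": "{B}",
     "TargetObject": SID + r"\Software\Microsoft\Windows\CurrentVersion\Run\svc_helper",
     "Details": TEMP + r"\svc_helper.exe"},
    {"EventID": 13, "ProcessGuid": "{B}",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
                     r"\{00000000-0000-0000-0000-000000000001}\(Default)",
     "Details": "NoRemove"},
    # Benign noise: a Run value set by the OS pointing into System32 must not fire.
    {"EventID": 13, "ProcessGuid": "{C}",
     "TargetObject": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SecurityHealth",
     "Details": r"C:\Windows\system32\SecurityHealthSystray.exe"},
]


def detect(events):
    """Scan events in order and return {signature: [findings]}.

    Files only count as dropped once a FileCreate (11) for them has been seen,
    so a process started from a pre-existing file in Temp is not flagged.
    """
    findings = {name: [] for name in SIGNATURES}
    dropped = {}  # lower-cased path -> ProcessGuid of the writer

    for ev in events:
        eid = ev["EventID"]
        if eid == 11:
            path = ev["TargetFilename"]
            if path.lower().endswith(EXEC_EXT):
                dropped[path.lower()] = ev["ProcessGuid"]
        elif eid == 1:
            if ev["Image"].lower() in dropped:
                findings["Executes dropped EXE"].append(ev["Image"])
        elif eid == 7:
            if ev["ImageLoaded"].lower() in dropped:
                findings["Loads dropped DLL"].append(ev["ImageLoaded"])
        elif eid == 13:
            target = ev["TargetObject"]
            details = ev.get("Details", "")
            if RUN_KEY.search(target) and USER_WRITABLE.search(details):
                findings["Adds Run key to start application"].append((target, details))
            if BHO_KEY.search(target):
                findings["Installs/modifies Browser Helper Object"].append(target)
    return findings


if __name__ == "__main__":
    for name, hits in detect(SAMPLE_EVENTS).items():
        print(f"{name}: {len(hits)} hit(s)")
        for hit in hits:
            print("   ", hit)
```

The "Checks installed software on the system" signature is deliberately absent: Sysmon records registry key creation and value writes, not reads, so enumeration of the Uninstall key is only visible in a sandbox API trace or with Windows object-access auditing (a SACL on the key, event 4663). Pair the BHO check with the matching CLSID\{...}\InprocServer32 value write, which names the DLL that will be loaded into Internet Explorer.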
