General

  • Target

    JaffaCakes118_c66b7d4d5ca686b96296ac6f5dfeada6

  • Size

    349KB

  • Sample

    250119-nj8fbsvndt

  • MD5

    c66b7d4d5ca686b96296ac6f5dfeada6

  • SHA1

    6adbad6960a3b4543c95c7e01e4c2c0b95da8f1f

  • SHA256

    66af8a3d7566cddbb30925c6f01def63e81235f472453549ed0e1ba2a93f13df

  • SHA512

    7de6bc97d7021e7416bcfb102cd09f3b2321a3446cfa85a5979843a9016112519da0576c56132fd07d40597ec7355bac626ac33236d887fbc0d324219fedf67d

  • SSDEEP

    6144:yJWqt0sVkkzaYG1fH+S1+35edln74XkL2gfI1ChMiyB5+X/4:vqtrmHlI35edR74cZh3yBgg

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect packer.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses Microsoft Outlook profiles

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
