General

  • Target

    JaffaCakes118_c863fe25725ec45a087a6581474d826e

  • Size

    26KB

  • Sample

    250119-p6fjhayjgv

  • MD5

    c863fe25725ec45a087a6581474d826e

  • SHA1

    42f41942bc9b85ddff85b44c6ae2ee4c373d64cd

  • SHA256

    6bd39f76d9e7d936d65a16943ba1af44bfbe9626c7ff5c898802877717a8758f

  • SHA512

    64b75eb19cda7d6e9604838c44779264e16d5b111a2f37645cd955002630b778a3ffecaa68a8016c9d81bd69000cb672fd257f2f3a5b1758db9fc4ad902e8eb7

  • SSDEEP

    384:+23241Js9lCZwxNcWx5mlQ2KGLcI+mXSx4keh5cDWviiRRZH07:F2KJela5W3k0GLcItsqq0Rc

Malware Config

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Enterprise v15

Tasks