General

  • Target

    JaffaCakes118_c8828e0c0ceb068e9880051d390b93e4

  • Size

    378KB

  • Sample

    250119-p9cxsayqcm

  • MD5

    c8828e0c0ceb068e9880051d390b93e4

  • SHA1

    4ebadb520eaf3c5ab6c9b4c9a8307bb434055d73

  • SHA256

    4f98979ae89cdbe39276f24b0a3ded3fe0b5f964c477cd364804581f79910832

  • SHA512

    dca325c684a1a5507baacd4cab1cacc88a693aacc5d53b08b0918214eed3f3ccedaf03ff36e4d818678e8170b33d01490d6196ca8e9b28b3e16dc001bc4d188a

  • SSDEEP

    6144:5u2urzh9xu/XkauUmJ98b3rVEs/uQsG4cARhC/U5Pyu3jRA98tpOSmWnIbXyYShR:5utrzh9xOXkLyrVEqs7KGOeIbDO9/

Malware Config

Targets

    • ACProtect 1.3x - 1.4x DLL software

      Detects a file protected with the ACProtect software protector.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

MITRE ATT&CK Enterprise v15

Tasks