General

  • Target

    JaffaCakes118_d14a4391da89927bdb2bf46e9a09819a

  • Size

    348KB

  • Sample

    250119-ygx7paspex

  • MD5

    d14a4391da89927bdb2bf46e9a09819a

  • SHA1

    53b608fc2fe97b2a26105dbfff67a5809bb32d18

  • SHA256

    1b2e93ee9b4361aedd27f8951db59f787d56e73adb87a02481a2a8b42d1ee6a7

  • SHA512

    46c58e28bbb9a6382a6a3f8bacedd62c135c509001f5558870539acf8e48501342773376c94751523bb53b51c9d762da9660f93e634c88daa178f541c4568551

  • SSDEEP

    6144:jB5UBw0ld76O5/ljKURLnCTC2BdhNfLc0J88NtzWAwD1mUZh2rfthWF/do76s4Hh:jkZ6ElpLACwdhxLtemahSSFVo76s4OO

Malware Config

Targets

    • Target

      JaffaCakes118_d14a4391da89927bdb2bf46e9a09819a

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine. Active Setup entries live under HKLM\Software\Microsoft\Active Setup\Installed Components\<GUID>; the StubPath value of an entry is executed once per user at the next logon, before the desktop shell appears, so the payload survives reboots and reaches every account that logs on to the host.

    • Disables taskbar notifications via registry modification

      Suppresses the notification balloons that could otherwise draw the user's attention to the changes made on the system. The report does not name the specific value written.

    • Deletes itself

      The original dropper removes its own file after execution, leaving only the dropped payload on disk.

    • Executes dropped EXE

    • Loads dropped DLL

    • Modifies system executable filetype association

      Rewrites the handler under HKCR\exefile\shell\open\command (the default is "%1" %*). With the malware inserted into that command, it is invoked every time any .exe is launched, which gives it both persistence and a hook on every program start.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens, autofill entries and browsing history.

    • Adds Run key to start application

      Writes a value under Software\Microsoft\Windows\CurrentVersion\Run (HKCU or HKLM), so the application is started at every logon of the affected user or of all users.
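
The three registry writes flagged above (Active Setup StubPath, Run key, exefile association) can be hunted in endpoint telemetry. What follows is an added example written for this page, not code from the sandbox or part of its signature set: a small Python detector run over constructed Sysmon Event ID 13 (RegistryEvent: Value Set) records. The file paths, SID, GUIDs and values in the sample events are made up; the technique IDs are the ATT&CK Enterprise sub-techniques for these behaviours. The severity heuristic (payload launched from, or write made by a process living in, Users, ProgramData or Temp) is this example's own assumption, not something the report states.

```python
"""Hunt for the registry persistence and hijack writes this report flags.

Added example for this page, not code from the sandbox or its signature set.
Input shape follows Sysmon Event ID 13 (RegistryEvent: Value Set); the events
below are constructed, with made-up paths, SID, GUIDs and values.
"""
import re
from dataclasses import dataclass
from typing import Optional

# Constructed telemetry. The first three records mirror the behaviours in the
# report: Active Setup StubPath, Run key, then the .exe handler hijack. The
# last three are benign or unrelated writes the detector must not over-flag.
SAMPLE_EVENTS = [
    {
        "Image": r"C:\Users\user\AppData\Local\Temp\JaffaCakes118_d14a4391da89927bdb2bf46e9a09819a.exe",
        "TargetObject": r"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{11111111-2222-3333-4444-555555555555}\StubPath",
        "Details": r"C:\Users\user\AppData\Roaming\Microsoft\update.exe",
    },
    {
        "Image": r"C:\Users\user\AppData\Roaming\Microsoft\update.exe",
        "TargetObject": r"HKU\S-1-5-21-1-2-3-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\update",
        "Details": r"C:\Users\user\AppData\Roaming\Microsoft\update.exe",
    },
    {
        "Image": r"C:\Users\user\AppData\Roaming\Microsoft\update.exe",
        "TargetObject": r"HKLM\SOFTWARE\Classes\exefile\shell\open\command\(Default)",
        "Details": r'"C:\Users\user\AppData\Roaming\Microsoft\update.exe" "%1" %*',
    },
    {   # an installer restoring the stock handler: not a hijack
        "Image": r"C:\Windows\System32\msiexec.exe",
        "TargetObject": r"HKLM\SOFTWARE\Classes\exefile\shell\open\command\(Default)",
        "Details": '"%1" %*',
    },
    {   # Active Setup entry pointing at a system binary: low confidence only
        "Image": r"C:\Windows\System32\msiexec.exe",
        "TargetObject": r"HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{22222222-3333-4444-5555-666666666666}\StubPath",
        "Details": r"C:\Windows\System32\example-setup.exe /FirstLogon",
    },
    {   # unrelated Explorer setting
        "Image": r"C:\Windows\explorer.exe",
        "TargetObject": r"HKU\S-1-5-21-1-2-3-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Hidden",
        "Details": "DWORD (0x00000001)",
    },
]

# Assumption of this example: a payload under one of these user-writable trees,
# or a write made by a process living there, is the high-confidence case.
USER_WRITABLE = re.compile(r"\\(Users|ProgramData|Temp)\\", re.IGNORECASE)
DEFAULT_EXEFILE_COMMAND = '"%1" %*'  # stock .exe handler, also written by installers

RULES = [
    # (rule name with ATT&CK Enterprise sub-technique, TargetObject pattern)
    ("Active Setup StubPath (T1547.014)",
     re.compile(r"\\Active Setup\\Installed Components\\[^\\]+\\StubPath$", re.IGNORECASE)),
    ("Run key (T1547.001)",
     re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.IGNORECASE)),
    ("exefile association (T1546.001)",
     re.compile(r"\\Classes\\exefile\\shell\\open\\command\\\(Default\)$", re.IGNORECASE)),
]


@dataclass
class Alert:
    rule: str
    image: str
    target: str
    details: str
    severity: str


def evaluate(event: dict) -> Optional[Alert]:
    """Return an Alert when a registry value-set event matches one of the rules."""
    image, target, details = event["Image"], event["TargetObject"], event["Details"]
    for name, pattern in RULES:
        if not pattern.search(target):
            continue
        # Writing the stock handler back is not a hijack; drop it outright.
        if name.startswith("exefile") and details.strip() == DEFAULT_EXEFILE_COMMAND:
            return None
        suspicious = bool(USER_WRITABLE.search(details) or USER_WRITABLE.search(image))
        return Alert(name, image, target, details, "high" if suspicious else "low")
    return None


def scan(events) -> list:
    """Evaluate every event and keep the hits, preserving input order."""
    return [alert for alert in map(evaluate, events) if alert is not None]


if __name__ == "__main__":
    for alert in scan(SAMPLE_EVENTS):
        print(f"[{alert.severity:4}] {alert.rule}")
        print(f"       by   {alert.image}")
        print(f"       set  {alert.target} = {alert.details}")
```

Run it directly to print the alerts. The installer write that restores the default "%1" %* handler is dropped entirely, and the Active Setup entry that points at a System32 binary is kept at low severity, because both occur on clean machines; the three writes that land under the user profile come out as high, which is the pattern this sample shows.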

MITRE ATT&CK Enterprise v15

Tasks