General

  • Target

    JaffaCakes118_d1755cc1a5dd4b06c0a5b13325d3b312

  • Size

    1.9MB

  • Sample

    250119-ylzajssrbz

  • MD5

    d1755cc1a5dd4b06c0a5b13325d3b312

  • SHA1

    a4bef2b14e85c78a11ca87fa3f31dc26cfc10d0d

  • SHA256

    6bd3df78c6d08aa9a28038ffecd6b790cc6b688d72a1f3449e614ae37223a0f4

  • SHA512

    16e5247950a7664566338a1c7bb8aea53727d78ec02b62e2cef859410415fb7d3cafb76c1e203db848829e2f851c7e293766762c6c3f2e462f847bb5ad27e04e

  • SSDEEP

    49152:sG8QbBnW5oGvmx4UJASuA4wDinashps9AzV1pCh9mLsv7:OSBnW5d+lub3asPs9S7pcrD

Targets

    • Target

      JaffaCakes118_d1755cc1a5dd4b06c0a5b13325d3b312

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
