General

  • Target

    JaffaCakes118_40d6a7def5128a074866d6d0591f698e

  • Size

    315KB

  • Sample

    250127-sjfgrsvmhj

  • MD5

    40d6a7def5128a074866d6d0591f698e

  • SHA1

    71b61ac5d305864a0fde0ae7eaa9f10bad259e62

  • SHA256

    a471320dfa04b8f23389c428d2bbe2e81c8645e8dca083a02e51e325f496ff1d

  • SHA512

    433459fdbd24dc8ad223e2f45a632856a4a6a70c441336a277027844f5716755ff2990d35a445240dee8d663b766ee48164e1fedf6bf89cc27e5a1a4cb779b55

  • SSDEEP

    6144:91OgDPdkBAFZWjadD4sK7lA2qES5DYigiZGP0dFU:91OgLdaNAh35DYxiZA0dFU

Malware Config

Targets

    • Target

      JaffaCakes118_40d6a7def5128a074866d6d0591f698e

    • Size

      315KB

    • MD5

      40d6a7def5128a074866d6d0591f698e

    • SHA1

      71b61ac5d305864a0fde0ae7eaa9f10bad259e62

    • SHA256

      a471320dfa04b8f23389c428d2bbe2e81c8645e8dca083a02e51e325f496ff1d

    • SHA512

      433459fdbd24dc8ad223e2f45a632856a4a6a70c441336a277027844f5716755ff2990d35a445240dee8d663b766ee48164e1fedf6bf89cc27e5a1a4cb779b55

    • SSDEEP

      6144:91OgDPdkBAFZWjadD4sK7lA2qES5DYigiZGP0dFU:91OgLdaNAh35DYxiZA0dFU

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks