General

  • Target

    JaffaCakes118_1b1bdaccbe69ffd92519feb6057f7f71

  • Size

    261KB

  • Sample

    250630-y7at3sxvbx

  • MD5

    1b1bdaccbe69ffd92519feb6057f7f71

  • SHA1

    3dfef54c967fef4993cc93ce6210a0b64e909db5

  • SHA256

    a04997a5204003e5048548c6d9c36eb06b5e5d6ed9b4e12e0024296ab15e6209

  • SHA512

    441f0e3242793405a85efb408fe7947560b439139084a7f0fe9c0d2a971d6417adc4aebe329a4fa64065489db0960778bf4690fda528dcb7849a70c8daabc207

  • SSDEEP

    6144:V5uplxAAZcR/6TkINkbuCbX4HGIpEFNMr5Ux:V5kXC19bXImIpEFNM14

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v16