General

  • Target

    JaffaCakes118_1c275a4da77da3bc49b88b83ef3b7ee3

  • Size

    690KB

  • Sample

    250704-n3csrsej6s

  • MD5

    1c275a4da77da3bc49b88b83ef3b7ee3

  • SHA1

    227d4d23fbcf4e2415564a4483467cf8d4118195

  • SHA256

    d5cfefeb951b855c4dbfb84cd1a4a8c57c18e8456e4e083a52b8464fc359ea4d

  • SHA512

    8a6fa5495dc903da0614af52c8fc8f4c83999bd9dae2b701efa668bd33c66928cf87b4a03f50631f1d31c494b6f47aaaf16dc9bbac59aefd614048c414d41e5d

  • SSDEEP

    12288:B8K8P7ChqFB/Rgp7foWEgm4HjvR6NP+2N+bimWWbivDubNbcatQEH4:/2Rm7fLEDa6vN+nKCJ4

Targets

    • Target

      JaffaCakes118_1c275a4da77da3bc49b88b83ef3b7ee3

    • Executes dropped EXE

      A file written to disk during the run was subsequently executed; the dropped binary is a second artefact to collect and analyse.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and session tokens.

    • Adds Run key to start application

      Registering a value under a Registry Run key relaunches the program at logon, a common persistence technique (MITRE ATT&CK T1547.001).

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it. Packing compresses the code and hides strings and imports from static inspection, so the file should be unpacked before static analysis.
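
Before trusting the behavioural signatures above, confirm that the file on your bench is the one the sandbox ran, and check the packing verdict yourself. The script below is an added example, not the sandbox's own detection logic: it recomputes the four digests listed in the General section against the reported values, then walks the PE headers to look for the textbook UPX indicators (section names UPX0/UPX1/UPX2 and the "UPX!" marker UPX writes into its packed-file header). The `build_pe` helper constructs a minimal PE image purely as test input; it is not the sample, and the function and variable names are the example's own.

```python
import hashlib
import struct

# Digests as listed in the report's General section
REPORTED_HASHES = {
    "md5": "1c275a4da77da3bc49b88b83ef3b7ee3",
    "sha1": "227d4d23fbcf4e2415564a4483467cf8d4118195",
    "sha256": "d5cfefeb951b855c4dbfb84cd1a4a8c57c18e8456e4e083a52b8464fc359ea4d",
    "sha512": (
        "8a6fa5495dc903da0614af52c8fc8f4c83999bd9dae2b701efa668bd33c66928"
        "cf87b4a03f50631f1d31c494b6f47aaaf16dc9bbac59aefd614048c414d41e5d"
    ),
}
HASH_ALGOS = ("md5", "sha1", "sha256", "sha512")


def compute_hashes(data: bytes) -> dict:
    """Digest the file with each algorithm the report lists."""
    return {algo: hashlib.new(algo, data).hexdigest() for algo in HASH_ALGOS}


def hash_mismatches(data: bytes, expected: dict) -> list:
    """Return the names of algorithms whose digest differs from the reported value."""
    actual = compute_hashes(data)
    return sorted(algo for algo, digest in expected.items()
                  if actual.get(algo) != digest.lower())


def pe_section_names(data: bytes) -> list:
    """Walk the DOS and COFF headers and return the names in the section table."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not a PE file: missing MZ header")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE file: missing PE signature")
    coff = e_lfanew + 4
    (num_sections,) = struct.unpack_from("<H", data, coff + 2)   # NumberOfSections
    (opt_size,) = struct.unpack_from("<H", data, coff + 16)      # SizeOfOptionalHeader
    table = coff + 20 + opt_size                                 # section table follows the optional header
    names = []
    for i in range(num_sections):
        off = table + i * 40                                     # IMAGE_SECTION_HEADER is 40 bytes
        if off + 40 > len(data):
            raise ValueError("section table truncated")
        raw = data[off:off + 8]
        names.append(raw.split(b"\0", 1)[0].decode("ascii", "replace"))
    return names


UPX_SECTION_NAMES = {"UPX0", "UPX1", "UPX2"}


def upx_indicators(data: bytes) -> dict:
    """Textbook UPX check: stock section names and/or the 'UPX!' header magic."""
    names = pe_section_names(data)
    upx_sections = [n for n in names if n in UPX_SECTION_NAMES]
    marker = b"UPX!" in data
    return {
        "sections": names,
        "upx_sections": upx_sections,
        "upx_marker": marker,
        "packed": bool(upx_sections) or marker,
    }


def build_pe(section_names, trailer: bytes = b"") -> bytes:
    """Constructed test input: a minimal PE32 image with the given section names (not the sample)."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)            # e_lfanew: PE header right after the DOS header
    opt_size = 0xE0                                     # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), 0, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)               # PE32 magic
    secs = b"".join(n.encode("ascii").ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + secs + trailer


if __name__ == "__main__":
    import sys
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
    else:
        blob = build_pe(["UPX0", "UPX1", ".rsrc"])      # constructed stand-in when no file is given
    print("hash mismatches vs report:", hash_mismatches(blob, REPORTED_HASHES))
    print("UPX indicators:", upx_indicators(blob))
```

Run it as `python triage_check.py <file>`; an empty mismatch list means the bytes match every digest the report lists. The UPX heuristic covers only stock UPX: the report's signature says "UPX/modified UPX", and a modified packer typically renames the sections and strips the "UPX!" marker, in which case this check returns `packed: False` and you need section-entropy or import-table heuristics instead, which this example does not implement.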

MITRE ATT&CK Enterprise v16