General

  • Target

    JaffaCakes118_1c25e8131aaa7200fc1acce7931133e2

  • Size

    960KB

  • Sample

    250704-nw3evasta1

  • MD5

    1c25e8131aaa7200fc1acce7931133e2

  • SHA1

    01a40abcf6fbbacdd425afa5d490da8b5bcc6995

  • SHA256

    8cf5a63ab83f525831b11a0c52e77936090d4ee5138c28a3b1ea1a633d50ebea

  • SHA512

    1af63339b3d0f41d375d0291f8b847b5967f97dd940017f379c2ff861fa48376bc309038269dd54380992c595a44b011cffa1856645a3fb5e3b47e57c5981caf

  • SSDEEP

    12288:7FC9B+V/XaKYE5Tf/yDC9B+V/XaKYE5Tf/qDL:JC9BiqKY0TXuC9BiqKY0TXmL

Targets

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Drops file in System32 directory
