General

  • Target

    JaffaCakes118_1c31085394369a6a5677b5ad2178f089

  • Size

    725KB

  • Sample

    250704-pzzzkatl12

  • MD5

    1c31085394369a6a5677b5ad2178f089

  • SHA1

    1c9261cb84a8e47b2bfe0e2bb7987b11ed005bb0

  • SHA256

    d704f33c537e896fdc613cff4e3c351f2dcc072c6c7143442bfe830ab148c6c5

  • SHA512

    ad1f398762412961dfee9bb3d1e094009f9f01027a5adaa41f3af890e99084f4284a73a7c0ea3cfcf2cc83aa2ffb778d290904993842eed39d40640481ab5b13

  • SSDEEP

    12288:h1OgLdaOlo99/rsFEt5hDG0SAMs9jR/jeRJKu9TJdwYGZtyjTje5jOSpJeU:h1OYdaOlOBsFEt5hDG0SAMs9jR/jaJnO

Malware Config

Targets

    • Target

      JaffaCakes118_1c31085394369a6a5677b5ad2178f089

    • Size

      725KB

    • MD5

      1c31085394369a6a5677b5ad2178f089

    • SHA1

      1c9261cb84a8e47b2bfe0e2bb7987b11ed005bb0

    • SHA256

      d704f33c537e896fdc613cff4e3c351f2dcc072c6c7143442bfe830ab148c6c5

    • SHA512

      ad1f398762412961dfee9bb3d1e094009f9f01027a5adaa41f3af890e99084f4284a73a7c0ea3cfcf2cc83aa2ffb778d290904993842eed39d40640481ab5b13

    • SSDEEP

      12288:h1OgLdaOlo99/rsFEt5hDG0SAMs9jR/jeRJKu9TJdwYGZtyjTje5jOSpJeU:h1OYdaOlOBsFEt5hDG0SAMs9jR/jaJnO

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v16

Tasks