General

  • Target

    JaffaCakes118_1c6330bfdc766357f8876c3bac8a108b

  • Size

    428KB

  • Sample

    250704-vdz1bsbl2t

  • MD5

    1c6330bfdc766357f8876c3bac8a108b

  • SHA1

    6596dd1a8aa09eb0185f826da4402a195bc84ff6

  • SHA256

    69c5bdadf0b14f0c0abdb0b28f8ee95bacfae33b3215a054eb6682f7158bfe48

  • SHA512

    de0fe0d0949289c90c152e7e79b6a6da95e093c7a4b861d0b9d7a11e70068a9e2bbe5c3f7686323ee23cc865e4e22e619d2b3fdc6abfea286b54cd91cca84587

  • SSDEEP

    6144:NVFB2nS1zOl96V+Tyi7VY9RNgShcHUa8+9oISwMd7wvc/d1E6dqi4py5e:NZ1zyX7NvUa59VSwM+0Ey1e

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

    • Drops autorun.inf file

      Malware can abuse Windows Autorun to spread further via attached volumes.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v16

Tasks