General

  • Target

    JaffaCakes118_1c67f76cdb38c1a3bff906f7be0832c0

  • Size

    724KB

  • Sample

    250704-vl2twswxas

  • MD5

    1c67f76cdb38c1a3bff906f7be0832c0

  • SHA1

    6ebbbfbf83e74e1d69055ca990d08ecbe266439d

  • SHA256

    a9c8088c17a3ab3ffe124187bf66b1a65134d580367fcb2541541fdf6ff36204

  • SHA512

    188b1f412219b9cd8d46d5d7242ba9c4d81e1519fed4fd66b8502e6867bc987b491a4d5dff072578eb0d18442143890b9cb43919826027064d3b6324b13bc5f2

  • SSDEEP

    12288:h1OgLdaOPo99/rsFEt5hDG0SAMs9jR/jeRJKu9TJdwYGZtyjTje5jOSpJN:h1OYdaOPOBsFEt5hDG0SAMs9jR/jaJna

Malware Config

Targets

    • Target

      JaffaCakes118_1c67f76cdb38c1a3bff906f7be0832c0

    • Size

      724KB

    • MD5

      1c67f76cdb38c1a3bff906f7be0832c0

    • SHA1

      6ebbbfbf83e74e1d69055ca990d08ecbe266439d

    • SHA256

      a9c8088c17a3ab3ffe124187bf66b1a65134d580367fcb2541541fdf6ff36204

    • SHA512

      188b1f412219b9cd8d46d5d7242ba9c4d81e1519fed4fd66b8502e6867bc987b491a4d5dff072578eb0d18442143890b9cb43919826027064d3b6324b13bc5f2

    • SSDEEP

      12288:h1OgLdaOPo99/rsFEt5hDG0SAMs9jR/jeRJKu9TJdwYGZtyjTje5jOSpJN:h1OYdaOPOBsFEt5hDG0SAMs9jR/jaJna

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v16

Tasks