bc43ee0eff59c762cf1b1c6cdabc578f83c36646ce4936797dcdb30b756975ba | Triage

Sharing

General

Target

ebd655aa7f8b4d4efe09d73fff120bbd_JaffaCakes118
Size

7.6MB
Sample

240410-ycb4nacg6v
MD5

ebd655aa7f8b4d4efe09d73fff120bbd
SHA1

6d7576b7a8af97b04aea0d9f3a55da750dcca121
SHA256

bc43ee0eff59c762cf1b1c6cdabc578f83c36646ce4936797dcdb30b756975ba
SHA512

ff1f016a7e8592478ba7669758fa2d680b237a247d0295d6f5b3cdbd41bdb496ede0758d719c1e8bc60ebcd614612dbb7f69fc75e90eaa97b9fc0377ee76ae98
SSDEEP

196608:QlMlTiAuFyspTje2axQsUBUJ1hnYwMr+39RIFwacGKjv:QOTZ6VjaQbUHhTMrcJacGKT

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  ebd655aa7f8b4d4efe09d73fff120bbd_JaffaCakes118
- Size
  
  7.6MB
- MD5
  
  ebd655aa7f8b4d4efe09d73fff120bbd
- SHA1
  
  6d7576b7a8af97b04aea0d9f3a55da750dcca121
- SHA256
  
  bc43ee0eff59c762cf1b1c6cdabc578f83c36646ce4936797dcdb30b756975ba
- SHA512
  
  ff1f016a7e8592478ba7669758fa2d680b237a247d0295d6f5b3cdbd41bdb496ede0758d719c1e8bc60ebcd614612dbb7f69fc75e90eaa97b9fc0377ee76ae98
- SSDEEP
  
  196608:QlMlTiAuFyspTje2axQsUBUJ1hnYwMr+39RIFwacGKjv:QOTZ6VjaQbUHhTMrcJacGKT
Score

7^/10

spyware stealer
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2