Overview

overview

10

Static

static

10

f5f93b480a...18.exe

windows7-x64

10

f5f93b480a...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    17-04-2024 14:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f5f93b480a4ca583092b496be670cab9_JaffaCakes118.exe

  • Size

    689KB

  • MD5

    f5f93b480a4ca583092b496be670cab9

  • SHA1

    7599346d4289e30e379d7b66d56bb85bb1d70c7b

  • SHA256

    62d0df3e2034c38c55163ea9a5e6c972416a39a3dac53fecea54fec272301fdc

  • SHA512

    8de0eb7c0923b3623ddf23af15d87dcbb516c621667a141de3695a72ae5a0b09b3a995a3ad9a6cd417c6d165c6efbbb1dc25a5a89d7c15561ec9db6885892786

  • SSDEEP

    12288:oHaUzb/8R/oQQXew/1boTID5jra/W9K4RHzFOMMW3SMyvnuZIGiYBXlwFwQy5A:oHa2w/YOw/Vo0D5jra/hUFOKn+dy5A

Score
10/10
pandastealerspywarestealer

Malware Config

Signatures

  • PandaStealer

    Panda Stealer is a fork of CollectorProject Stealer written in C++.

    stealerpandastealer
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\f5f93b480a4ca583092b496be670cab9_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\f5f93b480a4ca583092b496be670cab9_JaffaCakes118.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:5072

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads