0b09c1b778ef42ac2b7c2850418d71c8bc25372273fb8245745ddae5498c493a | Triage

Resubmissions

19-04-2024 21:57

240419-1vdrbahd51 7

19-04-2024 18:29

240419-w5drvach4w 7

Sharing

General

Target

fae8d22926ee59a5bad0235fc8a05e8e_JaffaCakes118
Size

6.6MB
Sample

240419-1vdrbahd51
MD5

fae8d22926ee59a5bad0235fc8a05e8e
SHA1

b947cc2c2ee4e487e1d704dc7064d6c0063b99f1
SHA256

0b09c1b778ef42ac2b7c2850418d71c8bc25372273fb8245745ddae5498c493a
SHA512

a87724ca92fb7529fc39bd95d69248838506600c6751b6c9be36a8fe042eac761c878b4e18e6d3bba8a60e6a0e271b476c939c7c4b16e564baa77ce56a6caf55
SSDEEP

196608:HyMJPmCsXDjDyf6L2WliXYrHW1L0AFKe7ChS:lPmCEDVL2ciIrHWR7Ke7a

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  fae8d22926ee59a5bad0235fc8a05e8e_JaffaCakes118
- Size
  
  6.6MB
- MD5
  
  fae8d22926ee59a5bad0235fc8a05e8e
- SHA1
  
  b947cc2c2ee4e487e1d704dc7064d6c0063b99f1
- SHA256
  
  0b09c1b778ef42ac2b7c2850418d71c8bc25372273fb8245745ddae5498c493a
- SHA512
  
  a87724ca92fb7529fc39bd95d69248838506600c6751b6c9be36a8fe042eac761c878b4e18e6d3bba8a60e6a0e271b476c939c7c4b16e564baa77ce56a6caf55
- SSDEEP
  
  196608:HyMJPmCsXDjDyf6L2WliXYrHW1L0AFKe7ChS:lPmCEDVL2ciIrHWR7Ke7a
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service
  Uses a legitimate IP lookup service to find the infected system's external IP.
behavioral1
- Target
  
  Token_by_Wallax.pyc
- Size
  
  7KB
- MD5
  
  8e3cecc5f796e1c85c5b29653deb9c13
- SHA1
  
  4bf455ba088f0895b68e1da8573450b9576f1797
- SHA256
  
  7e76c01189748d0e7b8413e1c206abe2228eac9ef8ebf86bfa2de67262a320fa
- SHA512
  
  b45f4092d2c8f6963ff33bbba65e5e8c457e99bf8097f574f97fdcbfbed48769bb5e1a429dc0479d549bbdd6153038decf10b866d99345bef1ee6d222ce32e53
- SSDEEP
  
  96:lIxJhc8Z6+sQC+nfa+Qy79VaE1dTBOOqDyEl8fp7hMzR/akWwFivsKlWbv:avhZZ6+s+r3GEfTxDoA7h8R/ZlPSWj
Score

3^/10
behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2