d24a0dd2a9cc17e9ebe8581671e3e547b489cb09eac17b643807bf453fa6e8c4 | Triage

Sharing

General

Target

fc13da1931cb4019556e85181fcde81a_JaffaCakes118
Size

9.3MB
Sample

240420-gpa9fsah4z
MD5

fc13da1931cb4019556e85181fcde81a
SHA1

3ebac72622e110c552f681838077410224ed8ee6
SHA256

d24a0dd2a9cc17e9ebe8581671e3e547b489cb09eac17b643807bf453fa6e8c4
SHA512

137889ed13c5d14d6cfe42ebd547de2f94c1bb2582aabebbccfcb1f4fa66e7774b687a84ba7b89d60b94b8b18558ca1f2b7b6cacc2fff88aa2d83ee9640223ba
SSDEEP

196608:xIrsoP1HSsimvlG2etbYPvbJQlH4B33jCsW8C+Kaf4t:oLP1pimtokJQlkju/

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  fc13da1931cb4019556e85181fcde81a_JaffaCakes118
- Size
  
  9.3MB
- MD5
  
  fc13da1931cb4019556e85181fcde81a
- SHA1
  
  3ebac72622e110c552f681838077410224ed8ee6
- SHA256
  
  d24a0dd2a9cc17e9ebe8581671e3e547b489cb09eac17b643807bf453fa6e8c4
- SHA512
  
  137889ed13c5d14d6cfe42ebd547de2f94c1bb2582aabebbccfcb1f4fa66e7774b687a84ba7b89d60b94b8b18558ca1f2b7b6cacc2fff88aa2d83ee9640223ba
- SSDEEP
  
  196608:xIrsoP1HSsimvlG2etbYPvbJQlH4B33jCsW8C+Kaf4t:oLP1pimtokJQlkju/
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2