a85098fa468dd9b75fa10287f059df3130a4afd5d4b189bcb406ba4f540790bf | Triage

Sharing

General

Target

fc2c1df2432409a2b3675955958805c5_JaffaCakes118
Size

12.2MB
Sample

240420-hlps4sbf31
MD5

fc2c1df2432409a2b3675955958805c5
SHA1

aed691d4f348ec82e173962e6bb5579bccf5b366
SHA256

a85098fa468dd9b75fa10287f059df3130a4afd5d4b189bcb406ba4f540790bf
SHA512

9b1d78d8741c19cab9a2685f8620761e84fc97e31d4bcdf297be4a7c8fe247ba982caafcdf942e75a96d36115d38e9e9d9b5a5f5eb222033aa89d3faf1e88835
SSDEEP

393216:Ft93qpqK8ZGxFlh2pKZ1k1N3fwS7hZ28j0W:f93q38ZwrQpC+eu2nW

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  fc2c1df2432409a2b3675955958805c5_JaffaCakes118
- Size
  
  12.2MB
- MD5
  
  fc2c1df2432409a2b3675955958805c5
- SHA1
  
  aed691d4f348ec82e173962e6bb5579bccf5b366
- SHA256
  
  a85098fa468dd9b75fa10287f059df3130a4afd5d4b189bcb406ba4f540790bf
- SHA512
  
  9b1d78d8741c19cab9a2685f8620761e84fc97e31d4bcdf297be4a7c8fe247ba982caafcdf942e75a96d36115d38e9e9d9b5a5f5eb222033aa89d3faf1e88835
- SSDEEP
  
  393216:Ft93qpqK8ZGxFlh2pKZ1k1N3fwS7hZ28j0W:f93q38ZwrQpC+eu2nW
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Web Service

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2