372db64f0a778b66acec89830f839cd0528ef0716265ee89808e9bfde58709f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc8ee4c23ef9901650465e69ce6abd5a_JaffaCakes118
Size

77KB
Sample

240420-mk2thafa4v
MD5

fc8ee4c23ef9901650465e69ce6abd5a
SHA1

f7b2c273eeca0ca8ddf3ce8738958ddb9ccfc643
SHA256

372db64f0a778b66acec89830f839cd0528ef0716265ee89808e9bfde58709f7
SHA512

605ca1bb1c61aa2c292c927b1f155ef3cc687770712de573ed8c20ed9099eea12c1b283bf889f645dfa2eb1f67934c7d7854a23d721644433a2ba0dc3f1123ae
SSDEEP

1536:raHLtZfByDUJuSkZWeGkqbT3ckFqtWUOQgjGUvOg6rW+JA4:raHzB+UJBOQksAkItqQwOgr/4

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  fc8ee4c23ef9901650465e69ce6abd5a_JaffaCakes118
- Size
  
  77KB
- MD5
  
  fc8ee4c23ef9901650465e69ce6abd5a
- SHA1
  
  f7b2c273eeca0ca8ddf3ce8738958ddb9ccfc643
- SHA256
  
  372db64f0a778b66acec89830f839cd0528ef0716265ee89808e9bfde58709f7
- SHA512
  
  605ca1bb1c61aa2c292c927b1f155ef3cc687770712de573ed8c20ed9099eea12c1b283bf889f645dfa2eb1f67934c7d7854a23d721644433a2ba0dc3f1123ae
- SSDEEP
  
  1536:raHLtZfByDUJuSkZWeGkqbT3ckFqtWUOQgjGUvOg6rW+JA4:raHzB+UJBOQksAkItqQwOgr/4
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2