4f8ed9eb118c10faff7cde4f8e431db5435cd8dcfe9d9462b238547865ca52b0 | Triage

Sharing

General

Target

fcecd290298d86cb7fd52131ed58a4cc_JaffaCakes118
Size

2.9MB
Sample

240420-rdgl7sac46
MD5

fcecd290298d86cb7fd52131ed58a4cc
SHA1

6aaa372ccf65e9d796dd02a8b0ca31724111b63d
SHA256

4f8ed9eb118c10faff7cde4f8e431db5435cd8dcfe9d9462b238547865ca52b0
SHA512

1acb725b3a915817d21247537c1b4507d8bdc81260ed3e131ac4e2c0a54fd3610616a900aad88618fb1fa7fcd38d9b7c0ecadbe1a52cca6fac178e872bdd05e3
SSDEEP

49152:x2ERfOrFpfaHcT7O3p/l/7zleaKVwK5ODnYZYlD6cNp7DVlzKxrr/TA/bAckde1F:7oRpyaMp9/0hz5OMZaZVl8TAUpe1PJgI

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  cfxiaogui/垃圾文件、非法数据清理.bat
- Size
  
  2KB
- MD5
  
  4968758673445fefe5be2c30f256554a
- SHA1
  
  497b6b6335de20c0f260760fd57ddf1b2b0c5f03
- SHA256
  
  9f039d02b1fc85fbcfd3b920a85f1960799ceb717a6b5117b7c266ad6d7181d5
- SHA512
  
  3b5cb0a898acea93b6002d328cfae8090978d368c691076d5cf03be27feed0a75fa883b940b948f9532b6cdfe4639dcabe4413ee7a4758e4ad02cbe97b54462e
Score

7^/10

spyware stealer
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  cfxiaogui/查看最新版本.url
- Size
  
  225B
- MD5
  
  612b57f3a97b817e74a15d5c66ca934a
- SHA1
  
  6bb62736451eee868643abb02e1419d561f30b47
- SHA256
  
  6fbfeda4efd2811abeefbded555f0624c039c3b9d45b5c07ccaac43478685b70
- SHA512
  
  d36eb5ab0db8c1d4928a4b8e85bf6080b61e8474f39907c705b2e59228f35e83e2dce8097bbc31d6e1e0e453864e2a90d945b051192a3dd2e5d57ee4d9dc3440
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4