2323d4a8814c40340af57811a08c1924cc2f7b9888243888df29f4ae306c31ba | Triage

Sharing

General

Target

031503c1a4e4c3994e64901204587d84_JaffaCakes118
Size

800KB
Sample

240427-mxhamahe9x
MD5

031503c1a4e4c3994e64901204587d84
SHA1

68aa412f42a08c4a6ebdd27793dd3a5f581bc397
SHA256

2323d4a8814c40340af57811a08c1924cc2f7b9888243888df29f4ae306c31ba
SHA512

24cd3ff5ecfb08bc59eea2a63ad010565d84d4e2289d769e610ac39a32f7ec6019f0ebb5882de2d6fbf4a2efb8b070d6d7da93e4431f9418be05c105e097092d
SSDEEP

24576:j8wk/26uSNWQw6ReN6NgUWrMbR8TYlhoB8:gz/hgF6FNkrMb6El

Score

7^/10

discovery persistence spyware stealer upx

Malware Config

Targets

- Target
  
  031503c1a4e4c3994e64901204587d84_JaffaCakes118
- Size
  
  800KB
- MD5
  
  031503c1a4e4c3994e64901204587d84
- SHA1
  
  68aa412f42a08c4a6ebdd27793dd3a5f581bc397
- SHA256
  
  2323d4a8814c40340af57811a08c1924cc2f7b9888243888df29f4ae306c31ba
- SHA512
  
  24cd3ff5ecfb08bc59eea2a63ad010565d84d4e2289d769e610ac39a32f7ec6019f0ebb5882de2d6fbf4a2efb8b070d6d7da93e4431f9418be05c105e097092d
- SSDEEP
  
  24576:j8wk/26uSNWQw6ReN6NgUWrMbR8TYlhoB8:gz/hgF6FNkrMb6El
Score

7^/10

discovery persistence spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

discoverypersistencespywarestealerupx

behavioral2