e38e8f8467a8845fb9d5866978cbce73d97461332cf17c474d645085596c7ecf | Triage

Submit
Reports

Overview

overview

7

Static

static

3

0537397ea0...18.exe

windows7-x64

7

0537397ea0...18.exe

windows10-2004-x64

7

Analysis

max time kernel
45s
max time network
42s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
28-04-2024 12:41

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0537397ea0be5a2aa0ec0ec909866141_JaffaCakes118.exe

Resource

win7-20240221-en

spyware stealer

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

0537397ea0be5a2aa0ec0ec909866141_JaffaCakes118.exe

Resource

win10v2004-20240419-en

spyware stealer

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

0537397ea0be5a2aa0ec0ec909866141_JaffaCakes118.exe
Size

567KB
MD5

0537397ea0be5a2aa0ec0ec909866141
SHA1

c554bed1c90099a95e0ee85652c9352746b0d799
SHA256

e38e8f8467a8845fb9d5866978cbce73d97461332cf17c474d645085596c7ecf
SHA512

4d841d8dbe10c83b7e5d680aa8012d63b6fe50d1d6101845f735a7251e90eead95b6c55dad172d0518da03bd4f006c145a48fd37ee5b10ff875327a5fd0ff9d0
SSDEEP

12288:D9x7fKJCO7VJa/T+eYVKW6UsdJ8TNDvcOgAmk0s+z28xuc7oti/ENokKW0DG:D/fH0gdYV7gX8TNVyz28gcjENokJ0DG

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Processes

C:\Users\Admin\AppData\Local\Temp\0537397ea0be5a2aa0ec0ec909866141_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\0537397ea0be5a2aa0ec0ec909866141_JaffaCakes118.exe"
1⤵
PID:4756

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4756-0-0x0000000010000000-0x000000001012A000-memory.dmp

Filesize
1.2MB

Download

© 2018-2024

Terms | Privacy