2badb3e456ffd973735aa55cdd875369cc7f5355704047d48f7604346091339e | Triage

Sharing

General

Target

060c0cfbc8bc5dad4f01e63b0c605990_JaffaCakes118
Size

1.3MB
Sample

240428-zny81agh43
MD5

060c0cfbc8bc5dad4f01e63b0c605990
SHA1

d8e0e1bdca3c981170d8a456e59c4f8d8f14c42f
SHA256

2badb3e456ffd973735aa55cdd875369cc7f5355704047d48f7604346091339e
SHA512

bf493074615e5211e164228af734e2b9ab85af671bcdcbbd6d564211c60848a8b7377573ed99a058af6d4110b4cb95d382cd9129c2cc24fbd612cfa9e767e434
SSDEEP

24576:MYOOHgB6G/DXr+7ToeXO/PT2HFFAtPMBVmllzlE:MY9ABnYK2APMBVmllzG

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  060c0cfbc8bc5dad4f01e63b0c605990_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  060c0cfbc8bc5dad4f01e63b0c605990
- SHA1
  
  d8e0e1bdca3c981170d8a456e59c4f8d8f14c42f
- SHA256
  
  2badb3e456ffd973735aa55cdd875369cc7f5355704047d48f7604346091339e
- SHA512
  
  bf493074615e5211e164228af734e2b9ab85af671bcdcbbd6d564211c60848a8b7377573ed99a058af6d4110b4cb95d382cd9129c2cc24fbd612cfa9e767e434
- SSDEEP
  
  24576:MYOOHgB6G/DXr+7ToeXO/PT2HFFAtPMBVmllzlE:MY9ABnYK2APMBVmllzG
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks for any installed AV software in registry
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Software Discovery

Security Software Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2