40fc1e6f956763871d70c576634c8444713283d44cb09048b1d451d0f1f6207e | Triage

Sharing

General

Target

27877263ae03dd2d0290433e7e970c98_JaffaCakes118
Size

126KB
Sample

240509-bakaxsbg57
MD5

27877263ae03dd2d0290433e7e970c98
SHA1

459c67aed9dc0db4ba09da829c4ddeb439288ae0
SHA256

40fc1e6f956763871d70c576634c8444713283d44cb09048b1d451d0f1f6207e
SHA512

f384f0d9e96bea3e89c1c5bc01532c4cc011e0718556ba595f136672e407caf600c9da283c7e057a0c9d6cd13393ff1499e3a65e055e985ace1f0d22ac85ed66
SSDEEP

3072:j31/jxwB6WjDAf5vMsUYWDvNJcO/Fu2HnquMNIp:j31/CLoPIFu2nMK

Score

9^/10

cryptone packer spyware stealer

Malware Config

Targets

- Target
  
  Oplata ponedel'nik.exe
- Size
  
  1.1MB
- MD5
  
  9a4c7ae4bcaa653ffd966d17785ed92d
- SHA1
  
  610343dbeb9e63ddd7fa2cfb765c8dda3c37c150
- SHA256
  
  d06be7bd36b4cdd6ac12e3c7fb675515cd33ae9ea75a26e7dc7fc3a7db14caff
- SHA512
  
  e6da37f1da3c075f0d435592eb69ef9cbfeb94f96f450b1a560fc7f9e7b6a5b903fdefa4fd2a749dfa0e3c5d0eac2777428e7dc92af0543cbc6ea55d3bf5d51f
- SSDEEP
  
  3072:jBMY6A1ztHItWsT3i9/bW/Yx00yuhUb+SIT5DWqKlYcrgx+ICPKGy3yLs3/BJ:jB5JHIl6au00yrqSIZWDlujT
Score

7^/10

spyware stealer
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Remote System Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2