04a2444f5fb0ddbd21ef6812f63f8ea4e95282d442b4d52df9adc5f83a6a4022 | Triage

Sharing

General

Target

401767239281c8ec502402234bba0d13_JaffaCakes118
Size

1.0MB
Sample

240514-gxqdcadc9s
MD5

401767239281c8ec502402234bba0d13
SHA1

e645bdabbeca0b824dffa1e86558cf6e714675cb
SHA256

04a2444f5fb0ddbd21ef6812f63f8ea4e95282d442b4d52df9adc5f83a6a4022
SHA512

e19961eaf752db0b64f8d5a1386fa298a3d63b796d9dce7fb43e0e0136327e1339772ec0d1f45d886cbfb74a9df646b5180e55376e18f703ad77025d319302d2
SSDEEP

12288:HjWtudPf4ddoOVmFf1WiX4SjTHM/WDde2AD34QvUzG08aKXeLOp2YukaK2fGpNy:HjWtK6dofJ1WiXgIQf0yXeypfhjdy

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  401767239281c8ec502402234bba0d13_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  401767239281c8ec502402234bba0d13
- SHA1
  
  e645bdabbeca0b824dffa1e86558cf6e714675cb
- SHA256
  
  04a2444f5fb0ddbd21ef6812f63f8ea4e95282d442b4d52df9adc5f83a6a4022
- SHA512
  
  e19961eaf752db0b64f8d5a1386fa298a3d63b796d9dce7fb43e0e0136327e1339772ec0d1f45d886cbfb74a9df646b5180e55376e18f703ad77025d319302d2
- SSDEEP
  
  12288:HjWtudPf4ddoOVmFf1WiX4SjTHM/WDde2AD34QvUzG08aKXeLOp2YukaK2fGpNy:HjWtK6dofJ1WiXgIQf0yXeypfhjdy
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2