20c19ac9067913709adfae1ba6ddfb6ff1ff0c390b606e88f4ab67a77c3ad575 | Triage

Sharing

General

Target

6928efec16cb7f0bd04b01dce520dd74_JaffaCakes118
Size

697KB
Sample

240523-awxbyaeh5w
MD5

6928efec16cb7f0bd04b01dce520dd74
SHA1

6a46a4a238b957a0c75e4f1702c57b0247df6dd4
SHA256

20c19ac9067913709adfae1ba6ddfb6ff1ff0c390b606e88f4ab67a77c3ad575
SHA512

9f5c02c3414da95917d337b28e0bd1b06d93294e5448c7c0f540128bba7f0b154562dd06c8d1e668a1da492782bb282b705f223495befa04f698c0baf1c0b13c
SSDEEP

12288:04Vcmjo5jAUdAvbfWUGrfdxR3qGnxPhn2BgdaZoiyaQ879D8ZkmkytUG:0N2oRXAvLGJlx522d6oiBX7EkpytUG

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  6928efec16cb7f0bd04b01dce520dd74_JaffaCakes118
- Size
  
  697KB
- MD5
  
  6928efec16cb7f0bd04b01dce520dd74
- SHA1
  
  6a46a4a238b957a0c75e4f1702c57b0247df6dd4
- SHA256
  
  20c19ac9067913709adfae1ba6ddfb6ff1ff0c390b606e88f4ab67a77c3ad575
- SHA512
  
  9f5c02c3414da95917d337b28e0bd1b06d93294e5448c7c0f540128bba7f0b154562dd06c8d1e668a1da492782bb282b705f223495befa04f698c0baf1c0b13c
- SSDEEP
  
  12288:04Vcmjo5jAUdAvbfWUGrfdxR3qGnxPhn2BgdaZoiyaQ879D8ZkmkytUG:0N2oRXAvLGJlx522d6oiBX7EkpytUG
Score

7^/10

spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops Chrome extension
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2