d3128b62c3dd8fcd95be3fab7b2d9e91147cc752b0b74d5928e88062fd2d7da7 | Triage

Sharing

General

Target

6f23e05f7f830af37bcd01817d151649_JaffaCakes118
Size

7.5MB
Sample

240524-t3lcssca7v
MD5

6f23e05f7f830af37bcd01817d151649
SHA1

5977c2c31c738c3ec87a4b8c8235582f4da9042a
SHA256

d3128b62c3dd8fcd95be3fab7b2d9e91147cc752b0b74d5928e88062fd2d7da7
SHA512

5aba83ad3e63f63fc70b6552a7038ab3493f323f537a40f7ccf489edc7cecb567fd8f54b3c128f01328bd3e5cd91f75dc16c805db8e0ba1b863d5c8cc4f31c3e
SSDEEP

196608:vklzyXloTDp4QeUpg176uqMDFrtwCgXA:0km6VMg1OuqMDFrt

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  6f23e05f7f830af37bcd01817d151649_JaffaCakes118
- Size
  
  7.5MB
- MD5
  
  6f23e05f7f830af37bcd01817d151649
- SHA1
  
  5977c2c31c738c3ec87a4b8c8235582f4da9042a
- SHA256
  
  d3128b62c3dd8fcd95be3fab7b2d9e91147cc752b0b74d5928e88062fd2d7da7
- SHA512
  
  5aba83ad3e63f63fc70b6552a7038ab3493f323f537a40f7ccf489edc7cecb567fd8f54b3c128f01328bd3e5cd91f75dc16c805db8e0ba1b863d5c8cc4f31c3e
- SSDEEP
  
  196608:vklzyXloTDp4QeUpg176uqMDFrtwCgXA:0km6VMg1OuqMDFrt
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2