105827771b769708537e5ebee70ed13275b2ee94bb182aab7523699b156634a8

Analysis

max time kernel
122s
max time network
126s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
25-05-2024 20:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

7322541e09ebb65e9bba55e1632069f7_JaffaCakes118.exe
Size

448KB
MD5

7322541e09ebb65e9bba55e1632069f7
SHA1

90a593911f4eadc9d46cb95430da1b3926cc1721
SHA256

105827771b769708537e5ebee70ed13275b2ee94bb182aab7523699b156634a8
SHA512

f901bf97f2089a6107070f2ca9174a102f20512a4e0ed109912251f9b3833a4bef16f2bc0c9e9e2ae127bc13fc90c2ac347e41ea5652dd8a747890f6069ee131
SSDEEP

6144:JrXm17vhZg5CFSSF1rU5Z1c0V5+EjGCj/d+GpYjJQNvGN9xbuWBC:JW1Lhm/SF9U5gs5+yljl+Gyj+5GN3Y

Score

7^/10

spyware stealer

Malware Config

Signatures

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

C:\Users\Admin\AppData\Local\Temp\7322541e09ebb65e9bba55e1632069f7_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\7322541e09ebb65e9bba55e1632069f7_JaffaCakes118.exe"
1⤵
PID:2440

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Temp\UNT9ADE.tmp.exe

Filesize
305B

MD5
29a0902e8f036f63c9a79647614ff053

SHA1
79582fce2e3aa0ad300e726d66515c15a1735f1c

SHA256
b5f9ae043585d1331c825fa9bb4a24236d07a591a38aa207c2908128126c1a8e

SHA512
0ef04308866d9141733bd66171ea72cbde85cdc2470e4188c97022b11e74b24713ca186a0ebe0db8905f8c08066e1a1f3ac63cc2a85a42d07b419f37718ca81e

Download Submit
C:\Users\Admin\AppData\Local\Temp\UNT9ADF.tmp.exe

Filesize
9KB

MD5
571270a5b43d78a6bf9f87678a7767e0

SHA1
699b7cc3aa90f741be98e5fe0e9655a8d5aef3bc

SHA256
751ffd31a5d30be30b05292b99b9e33c5a625b08bde1f569b5db001e94df25db

SHA512
a14346e8805f3bf384a98a2f14297c8dde93bd395951862f4179cd7e2507c0bcab2840755bf92bb7e77398fb7c76534626434f12cf5ca72c2b078ae1eadbdb45

Download Submit
C:\Users\Admin\AppData\Local\Temp\UNT9AE0.tmp.exe

Filesize
7KB

MD5
409855ed68e62b0fa9ec385a40e5b2bf

SHA1
8c6ca35edaa797196ecec50d05132c64770dbde7

SHA256
32ba59bf87497ae7d4d950993123f5e77301953e74e469b48bfaba0c03818702

SHA512
40606f99844e5eb032c3534e4ea940594cafbf9b081fabd3e53ecb492b211233758f87046f358312f1c4ef4f89f1813136e5ca237ea44a2bc56418b222738b46

Download Submit
C:\Users\Admin\AppData\Local\Temp\UNT9AE1.tmp.exe

Filesize
4KB

MD5
c2c6231139cb2b73e03f1934c63aeed8

SHA1
26e388fb00e9978c415b19275405e9adc5462092

SHA256
c6ff02a979763c5986c810f81951e4ab4e1e6b4bb58b715a36e92498409b3329

SHA512
a5d41c906ad459cf969d2b0aa131ace34ed4147956d17dd8cbcc0b3a6c2429b03f97db8352ed696d6c0d63311d252f62b6eb0e17fe515b639ccb5bde3420df5a

Download Submit
C:\Users\Admin\AppData\Local\Temp\UNT9AE2.tmp.exe

Filesize
4KB

MD5
ae84cc4b886a8dcc4c8bb3cae51fdb5c

SHA1
a2df71d92ef473fb3cd7e345cf29f47727df27d9

SHA256
138734154a010c2d426a358bec3bd2cb8a3e6dd4c949915dcfc1820c0deb2b2d

SHA512
3ef9a8f0859afb360b7b74b7836033bc80ad31ec4d011bc48b4f31402359e5f2d9af1f2d1f1aac83b76d60ea6594a23f861ac99fec1a93760be3b3c63e13921f

Download Submit
C:\Users\Admin\AppData\Local\Temp\UNT9B02.tmp.exe

Filesize
24KB

MD5
c4aedbeea07ae32c46a2d48de4b1e425

SHA1
28dc3d97efb2a79060b86f09011e261df0827343

SHA256
e27087c12d6f4846230175a2bdf0c706d69980c1c122eca4f7cb452184fb2f46

SHA512
721bd1a1c648fc3c41201b5ac9d27de4639552dc7bc6c15ec8e3d8c522c54fcc3555de51abeb506560a3595fe5afe846d894e5f61c2bb79354e089ec5416072b

Download Submit