c9c72a4e4bca170ccfb1b941241fc8f7930a22d100aca3987782271067c4ccbb | Triage

Sharing

General

Target

8a70b47f5f610790846c90ec20c904aa_JaffaCakes118
Size

149KB
Sample

240601-pbl3sscg77
MD5

8a70b47f5f610790846c90ec20c904aa
SHA1

755cfb36c85789d73dd0d06ea2ba16d85ef3ca2b
SHA256

c9c72a4e4bca170ccfb1b941241fc8f7930a22d100aca3987782271067c4ccbb
SHA512

c159bc077e000dc24c30dfa4fbd65129eb69e7ed967438926689787d31868e5e63a058e3a7cc85954b6cd40b7e6eda4cccbffdb0dfd35c5876435497d6145fdd
SSDEEP

3072:leHxIT8hgaUPEz8yy4LWlUYxcTDRysFEdAfak/wN3U+/:PT8z64CfKDQdAfaK+E+/

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  1.exe
- Size
  
  154KB
- MD5
  
  f25b7e3d8113bfe04637132dc77e2495
- SHA1
  
  8912c9a543a4d1a617bd59f7c80b69ed17a6e04b
- SHA256
  
  242162265a598cf3c4c0d04a999cdd5b63a9759a44787aab0d9dd8748c0525ec
- SHA512
  
  08a8ac8159f3b8cd573042a5bdc70fc408c079a80f1962cdfb59bcb87888cb307a16e0b42c1ed7d6a6819835452480df842a9bff1fbbf3fbb7a2c9dcf3fa0aa9
- SSDEEP
  
  3072:TFj1dkqdNVwl28KihHci+HXgaEAKZLX/lZ0WXH1GjerTmJgND0EHiHyhx:9ktU8KsHciigLbZbXpXHRyJgkS
Score

7^/10

spyware stealer
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2