7b78ae1493693935b410ba9d252d2358bc8a4f11c2cc29bb6429454ef4c7b572 | Triage

Sharing

General

Target

0049f3e822314897cb98ce47825fa645_JaffaCakes118
Size

391KB
Sample

240619-yzlavazbqg
MD5

0049f3e822314897cb98ce47825fa645
SHA1

0e286a6b8f59f1b555facb2604afad39a1433f92
SHA256

7b78ae1493693935b410ba9d252d2358bc8a4f11c2cc29bb6429454ef4c7b572
SHA512

f4f824a77bf317bc2e2927aa590fdbd07b17706ba01ab17b778699b0813439049edbc39a28498c890889bd1d97ee1a1fedc0924a07b9861845ea2680bbbb34ed
SSDEEP

6144:FhOZbxZ+Be8wGKmFTGT6cF6R5m9rBLICY0klFblVVlIG:FyxZ+B5wGKmFTBC6RolZRkBVVln

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  0049f3e822314897cb98ce47825fa645_JaffaCakes118
- Size
  
  391KB
- MD5
  
  0049f3e822314897cb98ce47825fa645
- SHA1
  
  0e286a6b8f59f1b555facb2604afad39a1433f92
- SHA256
  
  7b78ae1493693935b410ba9d252d2358bc8a4f11c2cc29bb6429454ef4c7b572
- SHA512
  
  f4f824a77bf317bc2e2927aa590fdbd07b17706ba01ab17b778699b0813439049edbc39a28498c890889bd1d97ee1a1fedc0924a07b9861845ea2680bbbb34ed
- SSDEEP
  
  6144:FhOZbxZ+Be8wGKmFTGT6cF6R5m9rBLICY0klFblVVlIG:FyxZ+B5wGKmFTBC6RolZRkBVVln
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2