aefca836aef8093d57e519d38b6abae5471774f526f3a4722890be14c0031ee8 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

1ba24e2427...18.exe

windows7-x64

7

1ba24e2427...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

1ba24e2427ccd5542a73cffda82284e4_JaffaCakes118
Size

9.6MB
Sample

240701-rq8lfszemq
MD5

1ba24e2427ccd5542a73cffda82284e4
SHA1

401d5ed637be273f5c1679e56fbc2ee0c94ce949
SHA256

aefca836aef8093d57e519d38b6abae5471774f526f3a4722890be14c0031ee8
SHA512

c2f89ff8024860238fb000c718f8344e50e001689b27238ba82f2575c82c6623bb8c0d06360f72405d92570aadc643c3f029d31e2e0f24dea274e0dd4c0f69ec
SSDEEP

196608:4+AqC+yq5K72b0RY5W82d9xx+letkNtT6P08Z1b6UUQc:4+AJtA0aWdbx4HtWP08WjQ

Score

7^/10

spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1ba24e2427ccd5542a73cffda82284e4_JaffaCakes118.exe

Resource

win7-20240221-en

spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

1ba24e2427ccd5542a73cffda82284e4_JaffaCakes118.exe

Resource

win10v2004-20240508-en

spyware stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  1ba24e2427ccd5542a73cffda82284e4_JaffaCakes118
- Size
  
  9.6MB
- MD5
  
  1ba24e2427ccd5542a73cffda82284e4
- SHA1
  
  401d5ed637be273f5c1679e56fbc2ee0c94ce949
- SHA256
  
  aefca836aef8093d57e519d38b6abae5471774f526f3a4722890be14c0031ee8
- SHA512
  
  c2f89ff8024860238fb000c718f8344e50e001689b27238ba82f2575c82c6623bb8c0d06360f72405d92570aadc643c3f029d31e2e0f24dea274e0dd4c0f69ec
- SSDEEP
  
  196608:4+AqC+yq5K72b0RY5W82d9xx+letkNtT6P08Z1b6UUQc:4+AJtA0aWdbx4HtWP08WjQ
Score

7^/10

spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy