1103a5484bab866def0909daca33d6ad2a69a964f572924f3f0f82211c3c120c | Triage

Sharing

General

Target

240008f56dba07d008adabee633d9d50_JaffaCakes118
Size

7.0MB
Sample

240704-aqgpastgmp
MD5

240008f56dba07d008adabee633d9d50
SHA1

3d220a932acbd00be71b1a58aa355950ceee16f6
SHA256

1103a5484bab866def0909daca33d6ad2a69a964f572924f3f0f82211c3c120c
SHA512

62453738bdd1aeed0701deb80a9e4c72e05401131c3959b4533121c2d20e0d1cd22ce9901755f3332d8cc4f9b175ed7b7784897c4203828dc7a44237441cc985
SSDEEP

196608:jrF+gp1D+De0G9onJ5hrZER9xQ3jo4U07+B8H+O:PpNSeP9c5hlER9xA20SBy

Score

7^/10

pyinstaller spyware stealer

Malware Config

Targets

- Target
  
  240008f56dba07d008adabee633d9d50_JaffaCakes118
- Size
  
  7.0MB
- MD5
  
  240008f56dba07d008adabee633d9d50
- SHA1
  
  3d220a932acbd00be71b1a58aa355950ceee16f6
- SHA256
  
  1103a5484bab866def0909daca33d6ad2a69a964f572924f3f0f82211c3c120c
- SHA512
  
  62453738bdd1aeed0701deb80a9e4c72e05401131c3959b4533121c2d20e0d1cd22ce9901755f3332d8cc4f9b175ed7b7784897c4203828dc7a44237441cc985
- SSDEEP
  
  196608:jrF+gp1D+De0G9onJ5hrZER9xQ3jo4U07+B8H+O:PpNSeP9c5hlER9xA20SBy
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Legitimate hosting services abused for malware hosting/C2
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2