76baf5e9c097632e5d913118851790786d81fbe07e2c72fa049cc0329517bd00 | Triage

Sharing

General

Target

30ebafd3f032602abbfcf58fc40541f9_JaffaCakes118
Size

585KB
Sample

240709-stjbeazfmp
MD5

30ebafd3f032602abbfcf58fc40541f9
SHA1

64007da94dcae08c811510e53ab8ca76ca69a0ed
SHA256

76baf5e9c097632e5d913118851790786d81fbe07e2c72fa049cc0329517bd00
SHA512

e3df8a65bd60d2fed52a6078bc3624c82dbd44538e8a2fbfcdb12dce84d43f945286a44831cac392d50b7b0ff554f3e420b22db2fd24bdad3eb4700caaea7815
SSDEEP

12288:yG2tzSMJb9pZ5RgY2yUNK+upN35jGFpVMbonpEPH0zEBQM1SoSbmKZG:yPxzKtrEPo2QfblG

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  30ebafd3f032602abbfcf58fc40541f9_JaffaCakes118
- Size
  
  585KB
- MD5
  
  30ebafd3f032602abbfcf58fc40541f9
- SHA1
  
  64007da94dcae08c811510e53ab8ca76ca69a0ed
- SHA256
  
  76baf5e9c097632e5d913118851790786d81fbe07e2c72fa049cc0329517bd00
- SHA512
  
  e3df8a65bd60d2fed52a6078bc3624c82dbd44538e8a2fbfcdb12dce84d43f945286a44831cac392d50b7b0ff554f3e420b22db2fd24bdad3eb4700caaea7815
- SSDEEP
  
  12288:yG2tzSMJb9pZ5RgY2yUNK+upN35jGFpVMbonpEPH0zEBQM1SoSbmKZG:yPxzKtrEPo2QfblG
Score

7^/10

spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2