6a6dac17e5d9ed5a7b9684d65dff102e7cda18c960a69fa2e8fd201794bf4bf2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3643432457796d90ea2cd8489f62cbd2_JaffaCakes118
Size

1.0MB
Sample

240710-y95r8s1ckg
MD5

3643432457796d90ea2cd8489f62cbd2
SHA1

ed17b7c11f2ed6a135e11860977b2e14c2b3a190
SHA256

6a6dac17e5d9ed5a7b9684d65dff102e7cda18c960a69fa2e8fd201794bf4bf2
SHA512

3394d4f5ed2b96c93a0aaca545d412477f5437e644b14a8f25d135ba79a362cd74457843da9162fd67ce9e1ce65b182c848a8d1cd53581033672f35f79617e4f
SSDEEP

24576:Wr29gWbLbOBmPoT8McHy8jy87Ln3YLndkj8Ep9tuky/2WTldsfRF9RJ8DTXgTT5z:Wr29gwMP/pdsJF9RS8TV

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  3643432457796d90ea2cd8489f62cbd2_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  3643432457796d90ea2cd8489f62cbd2
- SHA1
  
  ed17b7c11f2ed6a135e11860977b2e14c2b3a190
- SHA256
  
  6a6dac17e5d9ed5a7b9684d65dff102e7cda18c960a69fa2e8fd201794bf4bf2
- SHA512
  
  3394d4f5ed2b96c93a0aaca545d412477f5437e644b14a8f25d135ba79a362cd74457843da9162fd67ce9e1ce65b182c848a8d1cd53581033672f35f79617e4f
- SSDEEP
  
  24576:Wr29gWbLbOBmPoT8McHy8jy87Ln3YLndkj8Ep9tuky/2WTldsfRF9RJ8DTXgTT5z:Wr29gwMP/pdsJF9RS8TV
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2