Overview

overview

7

Static

static

3

Sample.Picture.exe

windows7-x64

7

Sample.Picture.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3c42a009d3a637955d0fd186bd6d9c34_JaffaCakes118

  • Size

    793KB

  • Sample

    240712-gyxh2stfmd

  • MD5

    3c42a009d3a637955d0fd186bd6d9c34

  • SHA1

    6a13a823a752a2cd76dbec78bf61409d770b936e

  • SHA256

    91c54a3115487e3a5e4880d699ee2e61de01ac28db91df7873976eb9367f869a

  • SHA512

    8dbccc7f7832c32c3501ee59e1d4dbff6c252287d4d4a11ef7987f7622c2b5376ef8527aab069d050e41c07280be65ad72fe0ca59cd3100f3cc313ee3f14a520

  • SSDEEP

    24576:JXxN8ZS+03m3ikLE9hzxN1vZgk/M9PrbJp6N7UW/2:Jj8I+03lkLE9hzhvZh/obqdUS2

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      Sample.Picture.exe

    • Size

      1.6MB

    • MD5

      12c2de0cf5eb38984db8b3cd8a123151

    • SHA1

      da72e21c7a345bb2af8fbe0926862d6849bff468

    • SHA256

      66949b580772fd8b822a25efb149e18e335724cd6a3858f67c2fda9ff66a0c73

    • SHA512

      db43a4690ac4a1c9b68dcd3bb980c0e15fd04b79d1434a6c3677760d7bf412147b8d58f80753328112b37aed61ed4116705207c9b6c673cce4002550b6f25aea

    • SSDEEP

      24576:iea9rqGw1QRJhAGtyjHT9dBvG30u+FIc:+9wqhAGkNGUFIc

    Score
    7/10
    spywarestealer

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

      spywarestealer

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks