cf09bdae03624e9eedcd431e96f84a69841edb897c7952b20dd5ae041cc3375e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ae244255212ca7a10f15d54dbe1b723_JaffaCakes118
Size

1.6MB
Sample

240719-hn19xsxflk
MD5

5ae244255212ca7a10f15d54dbe1b723
SHA1

296dae64cf9d9cc5c76830b98a061baa999fe398
SHA256

cf09bdae03624e9eedcd431e96f84a69841edb897c7952b20dd5ae041cc3375e
SHA512

a562d6c942808df671fd4683160385b3c4349c237b2edc819500466f2b199975fe6b178919a70344c1351466aded6ad6f0fbd25983da21deca7e86490d4c71de
SSDEEP

24576:6saP0YfRy45u24bZ8EgVf5Uw1UMGoDroQ8GOvVNLGqPW7xNTZKu3kF2ep2SdE2SR:2VfRr4ZTgBUAUMGoDroQ8rz3oTphr9

Score

7^/10

evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  5ae244255212ca7a10f15d54dbe1b723_JaffaCakes118
- Size
  
  1.6MB
- MD5
  
  5ae244255212ca7a10f15d54dbe1b723
- SHA1
  
  296dae64cf9d9cc5c76830b98a061baa999fe398
- SHA256
  
  cf09bdae03624e9eedcd431e96f84a69841edb897c7952b20dd5ae041cc3375e
- SHA512
  
  a562d6c942808df671fd4683160385b3c4349c237b2edc819500466f2b199975fe6b178919a70344c1351466aded6ad6f0fbd25983da21deca7e86490d4c71de
- SSDEEP
  
  24576:6saP0YfRy45u24bZ8EgVf5Uw1UMGoDroQ8GOvVNLGqPW7xNTZKu3kF2ep2SdE2SR:2VfRr4ZTgBUAUMGoDroQ8rz3oTphr9
Score

7^/10

evasion spyware stealer trojan
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionspywarestealertrojan

behavioral2