25ed762b894a31d6003115a9394f571e2d883f54e3655b80adf308e529adfc79 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5cd259eaaa3460b72dd4d39493a95313_JaffaCakes118
Size

1.1MB
Sample

240719-vea3lathpc
MD5

5cd259eaaa3460b72dd4d39493a95313
SHA1

00fff4339866ae165b13da6d776f7bb67fa8aa4f
SHA256

25ed762b894a31d6003115a9394f571e2d883f54e3655b80adf308e529adfc79
SHA512

fb576ab10564aced8d43671a5d57075284666cc876f8bf24bc724a78bdd434fba67986081b2bdb7b3f1da704a7a0cae9e787dd3d880bb216a2da0495b281ed3c
SSDEEP

24576:Y4oKmf5R/pOCuxGU13IlBwaa6NKHb/JBE6JuHMfMooE:Y4uv/pOCIGk3Ivwaa6IHz3E6JuHMfM

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  5cd259eaaa3460b72dd4d39493a95313_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  5cd259eaaa3460b72dd4d39493a95313
- SHA1
  
  00fff4339866ae165b13da6d776f7bb67fa8aa4f
- SHA256
  
  25ed762b894a31d6003115a9394f571e2d883f54e3655b80adf308e529adfc79
- SHA512
  
  fb576ab10564aced8d43671a5d57075284666cc876f8bf24bc724a78bdd434fba67986081b2bdb7b3f1da704a7a0cae9e787dd3d880bb216a2da0495b281ed3c
- SSDEEP
  
  24576:Y4oKmf5R/pOCuxGU13IlBwaa6NKHb/JBE6JuHMfMooE:Y4uv/pOCIGk3Ivwaa6IHz3E6JuHMfM
Score

7^/10

spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2