c70b63f3fb3da9d3e5d23e268d0dd40a9cfcd5fe92f29b48d27b97b9885c96f4 | Triage

Sharing

General

Target

62533ba5dc238ebf4ff19f62838eba2a_JaffaCakes118
Size

221KB
Sample

240722-jgwarswale
MD5

62533ba5dc238ebf4ff19f62838eba2a
SHA1

9fc3a80c0d3fb8f860a223f90193fc7195af819d
SHA256

c70b63f3fb3da9d3e5d23e268d0dd40a9cfcd5fe92f29b48d27b97b9885c96f4
SHA512

707d11f71fef912b88a745175f612b8966459ff5fb8c068a0c348631021776bf8c68db49fe80ed56d0369b3fc0fe36367842ef4f9f2de27250ed1d3d9ee78f9e
SSDEEP

3072:p5RFk5LYUDOqRIxblOCF21B2EL2Uq8XcweU/t7YFguAfbXTzTvxGz6bnIKq63c:p5RFk5BubM5H/x73bXTzTvxGz6bnIKo

Score

7^/10

spyware stealer

Malware Config

Targets

- Target
  
  62533ba5dc238ebf4ff19f62838eba2a_JaffaCakes118
- Size
  
  221KB
- MD5
  
  62533ba5dc238ebf4ff19f62838eba2a
- SHA1
  
  9fc3a80c0d3fb8f860a223f90193fc7195af819d
- SHA256
  
  c70b63f3fb3da9d3e5d23e268d0dd40a9cfcd5fe92f29b48d27b97b9885c96f4
- SHA512
  
  707d11f71fef912b88a745175f612b8966459ff5fb8c068a0c348631021776bf8c68db49fe80ed56d0369b3fc0fe36367842ef4f9f2de27250ed1d3d9ee78f9e
- SSDEEP
  
  3072:p5RFk5LYUDOqRIxblOCF21B2EL2Uq8XcweU/t7YFguAfbXTzTvxGz6bnIKq63c:p5RFk5BubM5H/x73bXTzTvxGz6bnIKo
Score

7^/10

spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2