57f98ac65382eafa1de20409e13181e3ff915ba5f9a04c91276b476eef94f18e | Triage

Sharing

General

Target

7185230a5d9dbf829bde5b71768e5324_JaffaCakes118
Size

265KB
Sample

240725-2jby1syhkl
MD5

7185230a5d9dbf829bde5b71768e5324
SHA1

30b4aa3a0a36ac5f4769882168e6007fce275239
SHA256

57f98ac65382eafa1de20409e13181e3ff915ba5f9a04c91276b476eef94f18e
SHA512

c09f65825159024dcc88bc401421a0c19dfc38865b1f0e67578725560725fd6fbeb3c1df54db1b314daf914bdf1626e615e6dba207f146b19df4c59d5a464055
SSDEEP

6144:5s4dC3H9zfDSFekpOYfTqloi9JdugsZltZaOfG:FM3H5uFekp76brdug6ZNG

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  7185230a5d9dbf829bde5b71768e5324_JaffaCakes118
- Size
  
  265KB
- MD5
  
  7185230a5d9dbf829bde5b71768e5324
- SHA1
  
  30b4aa3a0a36ac5f4769882168e6007fce275239
- SHA256
  
  57f98ac65382eafa1de20409e13181e3ff915ba5f9a04c91276b476eef94f18e
- SHA512
  
  c09f65825159024dcc88bc401421a0c19dfc38865b1f0e67578725560725fd6fbeb3c1df54db1b314daf914bdf1626e615e6dba207f146b19df4c59d5a464055
- SSDEEP
  
  6144:5s4dC3H9zfDSFekpOYfTqloi9JdugsZltZaOfG:FM3H5uFekp76brdug6ZNG
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AskSearchAsst.exe
- Size
  
  106KB
- MD5
  
  28387db3bfa8ed7f1ba742b02b0c09d8
- SHA1
  
  517e2757282999db9cf823c2d7dedfa07342d5ad
- SHA256
  
  6e314a62cb2e33d5d5df9720ad8c0b5b466c2cc4a6fd12eeb5b633b8c72df3ba
- SHA512
  
  b6ea8554e6c8c614fe065e9915cfe0a8832b2f55bc30906f2ad8151911c70fbc37f8e6f456897c0409e28f10338bbc545f529feb91b54821dd867f5c749b7767
- SSDEEP
  
  1536:upgpHzb9dZVX9fHMvG0D3XJjAyASrBYt/nPl1wuK+J/K4Xhf6tW1svQf93wpoebw:0gXdZt9P6D3XJT/tOt27dW1sIxm9bw
Score

7^/10

discovery
- Loads dropped DLL
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  99f345cf51b6c3c317d20a81acb11012
- SHA1
  
  b3d0355f527c536ea14a8ff51741c8739d66f727
- SHA256
  
  c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93
- SHA512
  
  937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/UserInfo.dll
- Size
  
  4KB
- MD5
  
  1e8e11f465afdabe97f529705786b368
- SHA1
  
  ea42bed65df6618c5f5648567d81f3935e70a2a0
- SHA256
  
  7d099352c82612ab27ddfd7310c1aa049b58128fb04ea6ea55816a40a6f6487b
- SHA512
  
  16566a8c1738e26962139aae893629098dc759e4ac87df3e8eb9819df4e0e422421836bb1e4240377e00fb2f4408ce40f40eee413d0f6dd2f3a4e27a52d49a0b
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/md5dll.dll
- Size
  
  8KB
- MD5
  
  a7d710e78711d5ab90e4792763241754
- SHA1
  
  f31cecd926c5d497aba163a17b75975ec34beb13
- SHA256
  
  9b05dd603f13c196f3f21c43f48834208fed2294f7090fcd1334931014611fb2
- SHA512
  
  f0ca2d6f9a8aeac84ef8b051154a041adffc46e3e9aced142e9c7bf5f7272b047e1db421d38cb2d9182d7442bee3dd806618b019ec042a23ae0e71671d2943c0
- SSDEEP
  
  96:YV2qpbvYSflug0Dvxn6GuKM9sh1gdrN9+oB7FT9WibOoBZcko5N/:Yt5lugRK8hlvbwkKV
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/CustomLicense.dll
- Size
  
  3KB
- MD5
  
  3c4c9b038c7eb5223691586a42415fef
- SHA1
  
  53eb3587f5313f9aae5aea8b92f7ceb45db19fc6
- SHA256
  
  60f9263a1693ae5a18523ee5d0f37e512882edaea2b84a028279d7fe5bb305ae
- SHA512
  
  a07843d793811ca6ea9be734c458209a1bb224297743e23304f48b65f38ea9ae5a570f99b5c23642431ecb5cb30bcb43848bb92e6529395c232c63f641143250
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  $PLUGINSDIR/GetVersion.dll
- Size
  
  6KB
- MD5
  
  5264f7d6d89d1dc04955cfb391798446
- SHA1
  
  211d8d3e7c2b2f57f54a11cb8bc4fa536df08acc
- SHA256
  
  7d76c7dd8f7cd5a87e0118dacb434db3971a049501e22a5f4b947154621ab3d4
- SHA512
  
  80d27ee2f87e2822bd5c8c55cc3d1e49beebb86d8557c92b52b7cbea9f27882d80e59eefa25e414eecee268a9a6193b6b50b748de33c778b007cde24ef8bcfb7
- SSDEEP
  
  96:E12Z84uiwpGTVTDSpaHYfniz0R3GhCvXY6Ix5vdR7pBi46AQ5Vu4:2STVTGwYhR3GhCvy5vH7pBi46AQ5Vu
Score

3^/10

discovery
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  4KB
- MD5
  
  99f345cf51b6c3c317d20a81acb11012
- SHA1
  
  b3d0355f527c536ea14a8ff51741c8739d66f727
- SHA256
  
  c2689ba1f66066afce85ca6457ecd36370be0fe351c58422e45efd0948655c93
- SHA512
  
  937aa75be84a74f2be3b54dc80fac02c17dad1915d924ef82ab354d2a49bc773ee6d801203c52686113783a7c7ea0e8ed8e673ba696d6d3212f7006e291ed2ef
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  254f13dfd61c5b7d2119eb2550491e1d
- SHA1
  
  5083f6804ee3475f3698ab9e68611b0128e22fd6
- SHA256
  
  fd0e8be2135f3d326b65520383a3468c3983fa32c9c93594d986b16709d80f28
- SHA512
  
  fcef8ac5bd0ee6e316dbbc128a223ba18c8bf85a8d253e0c0877af6a4f686a20b08d34e5a426e2be5045962b391b8073769253a4d9b18616febc8133ccf654f7
- SSDEEP
  
  192:t5ZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRYgsfA:fBo/680dCI5adOjFOg9//p27uNw2bo
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  8d8fdad7e153d6b82913f6fdc407d12c
- SHA1
  
  aabbeed33cd5221e4cb22aab6e48310df94facfd
- SHA256
  
  e727c8bba6686c4814602f2bc089af4b4cf3498d1dbe1a08d8c4732da5ba046b
- SHA512
  
  42bc0ce1aca63904c34025307fd4b1d9f480ae47e42e7dfa48bbbf8286d947de2989435ad7a748951291307949217afeebcd31d10a1356c9366d3187085773a2
- SSDEEP
  
  384:0B/JF+HUI+LzlKSYWwgdHEINlWya4LL0Ac9khYLMkIX0+GBxgW+x:WFo72lvYWwgy8Fa4LX
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/linker.dll
- Size
  
  6KB
- MD5
  
  8450b29ee8d592c208ba1aaf6ee50267
- SHA1
  
  75096da057bc85cef63bb0eec168652ea75cf618
- SHA256
  
  53aa57e582dc56421c1191a0a9efac9c36960b903b7d825f3b9682605ec2b612
- SHA512
  
  d23a3057053a1f36f5eb212ae0b09b9b0b41e50b8a6a20bbc46c12c51199ad0bca741bcce17534488158e8f2b9470dbdac2aa059688b7588a05778c40d461039
- SSDEEP
  
  48:q/XgJspkvsIWyuS3fyVLkmqbIWXGuDNcGo+FLtLFSfrPIk2vIhll:4gJsFIWjS3qVomqIixo+9tLFUr4vMl
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/md5dll.dll
- Size
  
  8KB
- MD5
  
  a7d710e78711d5ab90e4792763241754
- SHA1
  
  f31cecd926c5d497aba163a17b75975ec34beb13
- SHA256
  
  9b05dd603f13c196f3f21c43f48834208fed2294f7090fcd1334931014611fb2
- SHA512
  
  f0ca2d6f9a8aeac84ef8b051154a041adffc46e3e9aced142e9c7bf5f7272b047e1db421d38cb2d9182d7442bee3dd806618b019ec042a23ae0e71671d2943c0
- SSDEEP
  
  96:YV2qpbvYSflug0Dvxn6GuKM9sh1gdrN9+oB7FT9WibOoBZcko5N/:Yt5lugRK8hlvbwkKV
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  ab73c0c2a23f913eabdc4cb24b75cbad
- SHA1
  
  6569d2863d54c88dcf57c843fc310f6d9571a41e
- SHA256
  
  3d0060c5c9400a487dbefe4ac132dd96b07d3a4ba3badab46a7410a667c93457
- SHA512
  
  99d287b5152944f64edc7ce8f3ebcd294699e54a5b42ac7a88e27dff8a68278a5429f4d299802ee7ddbe290f1e3b6a372a5f3bb4ecb1a3c32e384bca3ccdb2b8
- SSDEEP
  
  96:EBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4MndY7ndS27gA:E6n+0SAfRE+/8ZYxldqn420
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32