48a37de49f69fb7c447941e98a2df76e56179ac5882a05d79e85a5a5d98c9fe0 | Triage

Sharing

General

Target

73d2fad536c9eedecb4f98ad2d06dec6_JaffaCakes118
Size

252KB
Sample

240726-nd2qlayarg
MD5

73d2fad536c9eedecb4f98ad2d06dec6
SHA1

a06e225c9a10dd54a283da2a090ce8cd08a31143
SHA256

48a37de49f69fb7c447941e98a2df76e56179ac5882a05d79e85a5a5d98c9fe0
SHA512

bc68c3236b223a4e30fc3c7f64b85830ccdf203d532e8d8553449aab67aaaac6516025f78dde7d30b67f33346121dcc98a5ac83f8b15161fff8cdd58d59e33ce
SSDEEP

3072:iU9APS5c29I2BrCZnfGxO0ZgGd3FJCc2x6rPjqieLFP:iUyPSw2BGZfGg4pwrxSjqiepP

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  73d2fad536c9eedecb4f98ad2d06dec6_JaffaCakes118
- Size
  
  252KB
- MD5
  
  73d2fad536c9eedecb4f98ad2d06dec6
- SHA1
  
  a06e225c9a10dd54a283da2a090ce8cd08a31143
- SHA256
  
  48a37de49f69fb7c447941e98a2df76e56179ac5882a05d79e85a5a5d98c9fe0
- SHA512
  
  bc68c3236b223a4e30fc3c7f64b85830ccdf203d532e8d8553449aab67aaaac6516025f78dde7d30b67f33346121dcc98a5ac83f8b15161fff8cdd58d59e33ce
- SSDEEP
  
  3072:iU9APS5c29I2BrCZnfGxO0ZgGd3FJCc2x6rPjqieLFP:iUyPSw2BGZfGg4pwrxSjqiepP
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealer