89492b5f33a3ff7ec46bfdfc13a9b30df7194691a0a809f705f058125d1c8bef | Triage

Sharing

General

Target

81c567bc4c5a9c558622b74b6fb0935e_JaffaCakes118
Size

453KB
Sample

240801-z1f8ys1ard
MD5

81c567bc4c5a9c558622b74b6fb0935e
SHA1

4dbcb180e67254329cc43bb8f0919b031f6317fc
SHA256

89492b5f33a3ff7ec46bfdfc13a9b30df7194691a0a809f705f058125d1c8bef
SHA512

8b6ffc9887c3b44a0743bd3e3a40062288eb14563824e6947271229c3e89621f0cb343963aa2da86f746e56b933bfb33e073319c386b2d9d2836d9c7f5320488
SSDEEP

12288:4QUwe7QbXs0DcW+smXWvbSed/T7Sdabv8LhbQ:4QUWXBDcs/eeN6y+hbQ

Score

7^/10

discovery evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  81c567bc4c5a9c558622b74b6fb0935e_JaffaCakes118
- Size
  
  453KB
- MD5
  
  81c567bc4c5a9c558622b74b6fb0935e
- SHA1
  
  4dbcb180e67254329cc43bb8f0919b031f6317fc
- SHA256
  
  89492b5f33a3ff7ec46bfdfc13a9b30df7194691a0a809f705f058125d1c8bef
- SHA512
  
  8b6ffc9887c3b44a0743bd3e3a40062288eb14563824e6947271229c3e89621f0cb343963aa2da86f746e56b933bfb33e073319c386b2d9d2836d9c7f5320488
- SSDEEP
  
  12288:4QUwe7QbXs0DcW+smXWvbSed/T7Sdabv8LhbQ:4QUWXBDcs/eeN6y+hbQ
Score

7^/10

discovery evasion spyware stealer trojan
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionspywarestealertrojan

behavioral2

discoveryevasionspywarestealertrojan