e361d8c4969e59f50d44309c5ba532f169417488d0500d1e738fac47374daa0b | Triage

Sharing

General

Target

8802ef204e3dbf608605ddf123f38313_JaffaCakes118
Size

1.5MB
Sample

240810-2w6n6asdql
MD5

8802ef204e3dbf608605ddf123f38313
SHA1

0326a63c3cc319cda4db601884df5af50cc1faf7
SHA256

e361d8c4969e59f50d44309c5ba532f169417488d0500d1e738fac47374daa0b
SHA512

4555de9b44090e6990fb0c7ef6649f48448b4e5df07807dfbc2393ae01f902e18557d9c8b8744401d72e229ef2944b9eb0f6f6c1772b141c5797b059b600b9d8
SSDEEP

24576:LGoseufagFnX8dfncq6cPwKPqnLolyMEIChp2GClQjX0bX7xNTlRFbJjnOAJI8y:uZfaeqn56wwQqLolrEIC3J4r7/Tb3jny

Score

7^/10

discovery evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  8802ef204e3dbf608605ddf123f38313_JaffaCakes118
- Size
  
  1.5MB
- MD5
  
  8802ef204e3dbf608605ddf123f38313
- SHA1
  
  0326a63c3cc319cda4db601884df5af50cc1faf7
- SHA256
  
  e361d8c4969e59f50d44309c5ba532f169417488d0500d1e738fac47374daa0b
- SHA512
  
  4555de9b44090e6990fb0c7ef6649f48448b4e5df07807dfbc2393ae01f902e18557d9c8b8744401d72e229ef2944b9eb0f6f6c1772b141c5797b059b600b9d8
- SSDEEP
  
  24576:LGoseufagFnX8dfncq6cPwKPqnLolyMEIChp2GClQjX0bX7xNTlRFbJjnOAJI8y:uZfaeqn56wwQqLolrEIC3J4r7/Tb3jny
Score

7^/10

discovery evasion spyware stealer trojan
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionspywarestealertrojan

behavioral2

discoveryspywarestealer