Overview

overview

10

Static

static

10

8ca16db9fe...18.exe

windows7-x64

9

8ca16db9fe...18.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ca16db9feb4fefdd2c49a0ed185f5db_JaffaCakes118

  • Size

    208KB

  • Sample

    240812-azcrpsxajr

  • MD5

    8ca16db9feb4fefdd2c49a0ed185f5db

  • SHA1

    c8c629a173b744efaddc9093af690abef4a8db7d

  • SHA256

    e83d11c76781b1400b2aefb5b0686ad77db47da2ff7d9165ebbef0f700d0bc89

  • SHA512

    75fc1778aeddfabf23cb69cff9867f15c6e374d5f2d135e2fafd0a48274c0254765b62f1e4390ab37ad25731f9b8b54539b6569a3f259660f949fb3418e25234

  • SSDEEP

    6144:u3bdXPx3adIKCC0ef//uXltKc+LVsz9b8:4adFeCXuLKcCVsz6

Score
10/10
isrstealercredential_accessdiscoveryspywarestealerupx

Malware Config

Targets

    • Target

      8ca16db9feb4fefdd2c49a0ed185f5db_JaffaCakes118

    • Size

      208KB

    • MD5

      8ca16db9feb4fefdd2c49a0ed185f5db

    • SHA1

      c8c629a173b744efaddc9093af690abef4a8db7d

    • SHA256

      e83d11c76781b1400b2aefb5b0686ad77db47da2ff7d9165ebbef0f700d0bc89

    • SHA512

      75fc1778aeddfabf23cb69cff9867f15c6e374d5f2d135e2fafd0a48274c0254765b62f1e4390ab37ad25731f9b8b54539b6569a3f259660f949fb3418e25234

    • SSDEEP

      6144:u3bdXPx3adIKCC0ef//uXltKc+LVsz9b8:4adFeCXuLKcCVsz6

    Score
    9/10
    credential_accessdiscoveryspywarestealerupx

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks