General

  • Target

    8d24cd8cb6e7abf17f4d8f0c34eb3466_JaffaCakes118

  • Size

    50KB

  • Sample

    240812-d3z8ystclp

  • MD5

    8d24cd8cb6e7abf17f4d8f0c34eb3466

  • SHA1

    666f6ccb4a69f4a56ee56e631b6a8077387fb688

  • SHA256

    6adebf341a8d52c205afdb9c8feb4b65096b1705e6703afb6f43332996c08146

  • SHA512

    092fddefe863d268aa2a826be539b0860b551f657a52809ae7072028aeb2d1199b10b13dcd308f0bba95af8bed3ef00ad295f598c0c154637c5215ff5150ee9e

  • SSDEEP

    1536:/0+kwZWHtX1jETonwraw/3ak4EwdeZId5oAtMXZrKw/rVMWnvNbK:/0ggHtFyqklwdeuZurKOK

Targets

    • Target

      MozillaHistoryView/MozillaHistoryView.chm

    • Size

      15KB

    • MD5

      448e46e50458a3a2d858781d32feba3a

    • SHA1

      1dc9de25032b8c54e5046d88eafabf1eac5be557

    • SHA256

      7d671e26fffecbc5ded430a401b07bcf43c487c35ebf1eaad9acdf596b676c3e

    • SHA512

      8095fb7d6178d0cdcd392931a235e75d7e79b5b348e9aa1897aeeb1da98fb8fa189568e9af945099415e0b313855d83d6f0865fd0f6f9f905e2c261718a7f28b

    • SSDEEP

      192:xVlYrWZ+sPRJtA3dK/+EwZ6eymEPpaNrmJfuw0X:xVlYrWZ+Vw+7Z6xFYNyhA

    • Score

      1/10

    • Target

      MozillaHistoryView/MozillaHistoryView.exe

    • Size

      42KB

    • MD5

      e47b3c7dd2e761188ad239810f0677dd

    • SHA1

      694cd12c0777a1fa3612032a32d526158c3eac99

    • SHA256

      907a44a9dd1ea6567d607eb2a73e25b28c2a6cf98951e55c1e5c0b58e86b2d8d

    • SHA512

      baaa7dfbc87340582b242bf9496e972155e4c83c75bcf94d891d0ca446518aa9b70a0c41b1ebc160893de4ff2488ab7e1f04fa417bb995ed7e874006c64e4315

    • SSDEEP

      768:60Wg9p1tYNgDtXu9nHpq/Zd789/wwuTM0tSx3xkHJBdR:fR1tYNgDtzZd7o/w3uYTdR

    • Detected Nirsoft tools

      Free utilities, often used by attackers, that can steal passwords, product keys, etc.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, etc.

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified version of it.
