General

  • Target: a0e9ac232ddec424afeb4470e2fc1ac1_JaffaCakes118

  • Size: 139KB

  • Sample: 240817-c7yegsshkb

  • MD5: a0e9ac232ddec424afeb4470e2fc1ac1

  • SHA1: 6373fc3048bc03d0989286b5267280d7cc29101e

  • SHA256: 103ea18243001073531d3f603e0e644a259c0fef049adea0d079d6c9defef2b5

  • SHA512: 16a39627d876c4a2481db83ac42bbe9597dc336ea7f054aa472df84d6ce065a9982cf4bc1fe06ef1a4ce45b0fc02981bfb387fcf21bd9fed4a6292f0f4e6086f

  • SSDEEP: 3072:yxcGoTB3RzXXBJbTo15YB8zD19QxMYoAnEVi85k/ux0R0Kgc+GZyTtxP:Cm3pB1o8OzD19Qf5EVm/90KUKyL

Targets

    • Target: Plano_Client0039_Documento_Docx.exe

    • Size: 180KB

    • MD5: ca05247bad8dcd2ee95b294649c56576

    • SHA1: 58c9750532ea8356596573dde49b8e134a344c2e

    • SHA256: fe270f4c239f8bdcaad52584876479d5ae45c175cc631af87bad763ab7d013a0

    • SHA512: 0c4ae25952b3b7230961d4889a4033ad62cb49faebd066d0071f70e53d798d04a9bb649e6980de9dcbbc266696923ff30da261b66f2ca3e3d7537297be459766

    • SSDEEP: 3072:hx0dz78MaVEGTgs0g0Aku4X+zvzfbqqDDX2h/r4Jx+v51ZRcZrB18EUxf:hWJUbTgbg0HuhvzeM2Z4J8vZRErdU

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Unsecured Credentials: Credentials In Files

      Steals credentials from unsecured files.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15