50f6f71e163bc920a23de81c5ca14399a1712bec31cd6b0ed110fc1a16393295 | Triage

Sharing

General

Target

a73aa55d8069f5ea9d8fd82337b45f71_JaffaCakes118
Size

486KB
Sample

240818-s4c75stdnk
MD5

a73aa55d8069f5ea9d8fd82337b45f71
SHA1

e0aeb5fa1528179b3ab7bc49a6ec407679b50c75
SHA256

50f6f71e163bc920a23de81c5ca14399a1712bec31cd6b0ed110fc1a16393295
SHA512

1e56280dde7a5942a918dea0fed092c6cf244a03d621840690cb8b14321fbbc17aaa4eafb7a204ff7701d0913afc7002a08019b4a14101795b033aba17c1bfa6
SSDEEP

6144:DFF9+2oSnWROvI2s6s5Mbx4SP4CeispUmBsaLYZHLlza/aGyKL2vZVh2zJeeZb:7KMWAIp6sM/45iOB/eHLRCByKMVhWb

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  a73aa55d8069f5ea9d8fd82337b45f71_JaffaCakes118
- Size
  
  486KB
- MD5
  
  a73aa55d8069f5ea9d8fd82337b45f71
- SHA1
  
  e0aeb5fa1528179b3ab7bc49a6ec407679b50c75
- SHA256
  
  50f6f71e163bc920a23de81c5ca14399a1712bec31cd6b0ed110fc1a16393295
- SHA512
  
  1e56280dde7a5942a918dea0fed092c6cf244a03d621840690cb8b14321fbbc17aaa4eafb7a204ff7701d0913afc7002a08019b4a14101795b033aba17c1bfa6
- SSDEEP
  
  6144:DFF9+2oSnWROvI2s6s5Mbx4SP4CeispUmBsaLYZHLlza/aGyKL2vZVh2zJeeZb:7KMWAIp6sM/45iOB/eHLRCByKMVhWb
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/IpConfig.dll
- Size
  
  114KB
- MD5
  
  a3ed6f7ea493b9644125d494fbf9a1e6
- SHA1
  
  ebeee67fb0b5b3302c69f47c5e7fca62e1a809d8
- SHA256
  
  ec0f85f8a9d6b77081ba0103f967ef6705b547bf27bcd866d77ac909d21a1e08
- SHA512
  
  7099e1bc78ba5727661aa49f75523126563a5ebccdff10cabf868ce5335821118384825f037fbf1408c416c0212aa702a5974bc54d1b63c9d0bcade140f9aae1
- SSDEEP
  
  1536:CPDzpyvLtmY7SeAmhPzV8+i7kRuACUxHf91MionF9JTwrLPG5zfO+lP7:UZl1e7L4ARzC3dwrLPG5zG+lP7
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/Math.dll
- Size
  
  142KB
- MD5
  
  00c44b9c01d1f647e01dd14ddd003a3f
- SHA1
  
  5f47344fe2854d6dbcee1aa1fc6dc81db4689006
- SHA256
  
  967fb313a685c54f75ec193836a078787a6f5fc6e8626df4aa7460594b35ff0c
- SHA512
  
  bc952b0ceda26e7f3a2ec9031be113b40664daf3eb0d49057ab52696eda49190e18f3833378ff2dfbbd4ee2c33ecd91309c1232b458046197faddd6222cc2238
- SSDEEP
  
  3072:t8wvB8XpBgGLJ5UmAg0Fuzz/OBNABNmXh/rb1Gn:uO8XkG/UmAOz7iy4un
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/NSISpcre.dll
- Size
  
  164KB
- MD5
  
  bfe060c22b44914e05d3f5367de6c9fe
- SHA1
  
  24c72b0b57b0066a5e8b235104a0502400e44b9a
- SHA256
  
  43041f8540dccbc33268bfbef53037d17170b037f6393e77c21429f303ae828f
- SHA512
  
  ad3a23edd8d62b198e4a2ccf03f6d607dee41fa23fd6f9dfabdc5ee424b5e22a6e00b8a28e50fe177829a2cc25ce05484423e97c682036fc5146e2adf560bc44
- SSDEEP
  
  3072:5YFyk+vtvpoYYPkoYMtXTP5V+4Km//sbJVlseEOb+Y+UT:KFyznYntXL5XKCk9MeEm7
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  a78507ea1078cadaa8b2ec1a2e1d874f
- SHA1
  
  77fe20488444ebbaafc5b2c0743251a94edc3b8e
- SHA256
  
  93d1e681daebfd24ff9fab3952e8ae94eddbdfb3650937988c1fd8085991610e
- SHA512
  
  0399452c7305f23576d4175ec198ad8da8a530215e9304632b20bcb41a38fa0ba2c1c0b0b734b9f887851c92c7f2cf4cdfad403ace84e63318c0694402e1f270
- SSDEEP
  
  192:8trS5c+oKreH53n2fUC1lfeTf9OJCzD4/IVqh88GrgU6H:/jrd09O3/IcG8U6H
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  e541458cfe66ef95ffbea40eaaa07289
- SHA1
  
  caec1233f841ee72004231a3027b13cdeb13274c
- SHA256
  
  3bce87b66d9272c82421920c34b0216e12c57a437d1955c36f23c74c1a01d420
- SHA512
  
  0bf6313e4cb7bbdcfba828fb791540b630adc58c43aa4b5ba77790367d0f34f76077cd84cc62e2a2c98c788a88547f32a11e549873d172c5aa2753124847cd0c
- SSDEEP
  
  384:b1JO6XgZkjxm+NpXaWgzxUX//EUhU7ya4LQ0Ac9khYLMkIX0+GBty3Sm0:b+6Xgsm+NpKWgzxUXnEUhUua4Li70
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  e301e0184786c5c75b4b34e4d04608eb
- SHA1
  
  02382247eeec365f3b47518efe0a8f3a896f28a3
- SHA256
  
  02869a0f0b3826af1c859e57541b38869c506fbbf15cc5ca28edbe18776aa3b5
- SHA512
  
  3dc744d2f92dc6fb13f9f431a51fdad39bbcf863f273d5f203c729111c120586e96ea0e79f5c5fe821d3f67ea34f4ab6abe88cdde84e9e09da92d1e7a109d982
- SSDEEP
  
  192:c7ABMfTa1iCY1SO8K4i7U3M08/8Z+Qt+5GQcm5XPe/t:c7uyTa1iCYLT7WS8nm9P5X21
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/nsisos.dll
- Size
  
  5KB
- MD5
  
  69806691d649ef1c8703fd9e29231d44
- SHA1
  
  e2193fcf5b4863605eec2a5eb17bf84c7ac00166
- SHA256
  
  ba79ab7f63f02ed5d5d46b82b11d97dac5b7ef7e9b9a4df926b43ceac18483b6
- SHA512
  
  5e5e0319e701d15134a01cb6472c624e271e99891058aef4dfe779c29c73899771a5b6f8b1cd61b543a3b3defeaecaa080c9cc4e76e84038ca08e12084f128eb
- SSDEEP
  
  48:6EyuygeHCfxwU5x+6kx/k1gONv27oBc2OkIrHHl:VeHCf2762kKsu7oGjkIrn
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  conduitinstaller.exe
- Size
  
  206KB
- MD5
  
  132e1c3a27e824eb6b120226ac368593
- SHA1
  
  d99fa9347b3e05ec6a36156323a5d53be8f9f14f
- SHA256
  
  cc5d5be9c191a13d58500eb662ebc34f527fa37d6bf0250d5a2bbf4759224642
- SHA512
  
  bfc5e207bc73bb53b0a2d8b2ab417f95cc309d09e05fa1ad731e8a0688b9b88c0d5fbc57bf79db8e19b8dc2311c53076e9b21b37e26a7fca72aede3dcb235ac3
- SSDEEP
  
  6144:cFJ0sZ1ZdazTH6N0tkl3KKJDvQQ9+AAD6aOR:GzdafO0Md2eaOR
Score

7^/10

discovery
- Loads dropped DLL
behavioral17 behavioral18
- Target
  
  $PLUGINSDIR/ConduitInetc.dll
- Size
  
  471KB
- MD5
  
  70e3b20d184751b642b06c5a7855c455
- SHA1
  
  89b00dc942e9c4965765acdb08b3e4a392f2af66
- SHA256
  
  92e693d3d8be731a66a314e5f15cfad1f4e656f3fee3d32e9e9a736b80be46c1
- SHA512
  
  48318557e3eb67379b8a8732457ef07864d4dd7a711f22834f883aaa66dbdab01b490a8928c831690e9aadc1514dfb559731142d7c10afd3e75550ab303a0dd3
- SSDEEP
  
  12288:VtekAxiuSQ8xxtOZqwk2GKXTGv5CySOe7DDHtC:revxiuSdxgDk2GKXTGv5CySOePD
Score

3^/10

discovery
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/IEFunctions.dll
- Size
  
  3KB
- MD5
  
  a35a9ed8c431d68d0ae08f287aac3d56
- SHA1
  
  68084885f1f61e418b58208cd5ef06832aa1312d
- SHA256
  
  eb2f3e47b921fe4704ee02a0b433aeeb12ea297c102c0c34151545280bf679c4
- SHA512
  
  c6ddab55efe6c05a7c4ec577f2da80d15fb5f57736d88e5f93fbd06518452f7e4973907733cdebe84570c281511b9d7dc52a3ab9fdbc3a96e9eb51e80a2bfb12
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/nsExec.dll
- Size
  
  6KB
- MD5
  
  acc2b699edfea5bf5aae45aba3a41e96
- SHA1
  
  d2accf4d494e43ceb2cff69abe4dd17147d29cc2
- SHA256
  
  168a974eaa3f588d759db3f47c1a9fdc3494ba1fa1a73a84e5e3b2a4d58abd7e
- SHA512
  
  e29ea10ada98c71a18273b04f44f385b120d4e8473e441ce5748cfa44a23648814f2656f429b85440157988c88de776c6ac008dc38bf09cbb746c230a46c69fe
- SSDEEP
  
  96:M7GUb+YNfwgcr8zyKwZ5S4JxN8BS0ef9/3VI9d0qqyVgNk32E:eKgfwgcr8zylsB49Ud0qJVgNX
Score

3^/10

discovery
behavioral25 behavioral26

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26