General

  • Target

    ab8508e491d55654ed9f405a8f940424_JaffaCakes118

  • Size

    397KB

  • Sample

    240819-spbe1a1fqf

  • MD5

    ab8508e491d55654ed9f405a8f940424

  • SHA1

    892f7c38be2eb3337d739f4db725b0f809fd91be

  • SHA256

    bcfbe5a54d320d71c45599a346acd80341728883a112d145c1417597c0076856

  • SHA512

    88e55a08c0308de54fd2d5384b9190c4e9f61892c936fe83d9b870dcc1a67951587a729ad9cf76b71213b68cf626f53228efd2f8eeb354dee42baf06ceaeb56f

  • SSDEEP

    12288:HwPckxPGuI5SD1csTcTX/4dpKHabucRI5yRoganssOP:+xtDNcTX1HqFR9anssOP

Targets

    • Target

      ab8508e491d55654ed9f405a8f940424_JaffaCakes118

    • Detected Nirsoft tools

      Free utilities, often used by attackers, that can steal passwords, product keys, etc.

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Network Share Discovery

      Attempts to gather information on the host network.

    • Drops file in System32 directory
