f8c6cc94c375b4233e9a6bae52ebe7e643f591e84b758df1e1c144f6568c1c15 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd7fa69253edacacfcaab3bc06d9e530_JaffaCakes118
Size

2.4MB
Sample

240823-2xcgpstfmq
MD5

bd7fa69253edacacfcaab3bc06d9e530
SHA1

9221ad55f397cfe8229f62db84376d5ea450b3ef
SHA256

f8c6cc94c375b4233e9a6bae52ebe7e643f591e84b758df1e1c144f6568c1c15
SHA512

b3f7abb04c34f82057985ade713ab00f0d78acbb64b625db0ab0ed6b1e6c13b24893224758e74769f9b42b6fde7b9724e59023f1ee9edd561008d1b570a72c72
SSDEEP

49152:ckYMWvZl7AZoju8xB8K8j4ssSRYCx6DWBgydzmvuIQF/qOrCQNQlWd:ckYDBl7Ay3xB8Rj4ssfCe8KQ/qOOQNQM

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  bd7fa69253edacacfcaab3bc06d9e530_JaffaCakes118
- Size
  
  2.4MB
- MD5
  
  bd7fa69253edacacfcaab3bc06d9e530
- SHA1
  
  9221ad55f397cfe8229f62db84376d5ea450b3ef
- SHA256
  
  f8c6cc94c375b4233e9a6bae52ebe7e643f591e84b758df1e1c144f6568c1c15
- SHA512
  
  b3f7abb04c34f82057985ade713ab00f0d78acbb64b625db0ab0ed6b1e6c13b24893224758e74769f9b42b6fde7b9724e59023f1ee9edd561008d1b570a72c72
- SSDEEP
  
  49152:ckYMWvZl7AZoju8xB8K8j4ssSRYCx6DWBgydzmvuIQF/qOrCQNQlWd:ckYDBl7Ay3xB8Rj4ssfCe8KQ/qOOQNQM
Score

7^/10

discovery
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/AskInstallChecker-1.5.0.0.exe
- Size
  
  242KB
- MD5
  
  8f9b5f4f87207be1cf810ddc95124f92
- SHA1
  
  f5cec54c9aac59167ba95ec8077438be381fba3d
- SHA256
  
  4501e3f8f41966d403e76d3b1d04525098f0b6d41b65741a8351f3b0d3e4397e
- SHA512
  
  dac421d8132e474ddfc9ba5954928b40d952af17c4c2085c30f5f3dc631962c2f05db52cb487371108b6b61e6fbc0a82d68ced48e9075a1fbc5a214d5d201097
- SSDEEP
  
  3072:L9Sc/cBP7ZyFQyNGhwPjVr88LkkPl5qcV21BSA5mffoL6xB3UCWT4zeNpdrhUu5g:L9+B9AHKyjVrTLkkP7qcXvxZzchm
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/InetLoad.dll
- Size
  
  18KB
- MD5
  
  994669c5737b25c26642c94180e92fa2
- SHA1
  
  d8a1836914a446b0e06881ce1be8631554adafde
- SHA256
  
  bf01a1f272e0daf82df3407690b646e0ff6b2c562e36e47cf177eda71ccb6f6c
- SHA512
  
  d0ab7ca7f890ef9e59015c33e6b400a0a4d1ce0d24599537e09e845f4b953e3ecd44bf3e3cbe584f57c2948743e689ed67d2d40e6caf923bd630886e89c38563
- SSDEEP
  
  384:nUOPTbiJmdztwwKq8W1cyMjPzV0Ac9k+LMkIX1+Gn+XHdjf:nTikliwKq8W1rMjPzz+f
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/NSISdl.dll
- Size
  
  14KB
- MD5
  
  254f13dfd61c5b7d2119eb2550491e1d
- SHA1
  
  5083f6804ee3475f3698ab9e68611b0128e22fd6
- SHA256
  
  fd0e8be2135f3d326b65520383a3468c3983fa32c9c93594d986b16709d80f28
- SHA512
  
  fcef8ac5bd0ee6e316dbbc128a223ba18c8bf85a8d253e0c0877af6a4f686a20b08d34e5a426e2be5045962b391b8073769253a4d9b18616febc8133ccf654f7
- SSDEEP
  
  192:t5ZTobBDJ68r67wmsvJI5ad9cXzFOVu+mZ/P3p+57CvpVqDxVp01Dwn2GRYgsfA:fBo/680dCI5adOjFOg9//p27uNw2bo
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/askToolbarInstaller-1.9.1.0.exe
- Size
  
  2.9MB
- MD5
  
  aee02b9d3d9dfe2dfec230ace3804ba8
- SHA1
  
  ad44a69068930a5a5e100f7e1f14cf189842a670
- SHA256
  
  4d2f2a2cbaa420897a9362a2be0dbe23f8f4301fa35fd7fd5d5b093bcb2e16a7
- SHA512
  
  4b72ca26292bbe5136e9b471b8016b9931dc5578aa8e7a01b4a23a2b9ad6367f5f6c4f5f84c65f0c8cc9b601ae63240b13b0b25bfe0bb7a77d22a8bff085c6fb
- SSDEEP
  
  49152:LDnTDfkbVCs/2cex8CfdVY36EfrTzcZse23npE71z5tm6zuByY2prwt4i9oSQSqW:LDPfjDYKEgZYpE795FzuBxOY9oSpw3BG
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/nsDialogs.dll
- Size
  
  9KB
- MD5
  
  ab73c0c2a23f913eabdc4cb24b75cbad
- SHA1
  
  6569d2863d54c88dcf57c843fc310f6d9571a41e
- SHA256
  
  3d0060c5c9400a487dbefe4ac132dd96b07d3a4ba3badab46a7410a667c93457
- SHA512
  
  99d287b5152944f64edc7ce8f3ebcd294699e54a5b42ac7a88e27dff8a68278a5429f4d299802ee7ddbe290f1e3b6a372a5f3bb4ecb1a3c32e384bca3ccdb2b8
- SSDEEP
  
  96:EBABCcnl5TKhkfLxSslykcxM2DjDf3GE+Xv8Xav+Yx4MndY7ndS27gA:E6n+0SAfRE+/8ZYxldqn420
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $SYSDIR/MSWINSCK.OCX
- Size
  
  121KB
- MD5
  
  e8a2190a9e8ee5e5d2e0b599bbf9dda6
- SHA1
  
  4e97bf9519c83835da9db309e61ec87ddf165167
- SHA256
  
  80ab0b86de58a657956b2a293bd9957f78e37e7383c86d6cd142208c153b6311
- SHA512
  
  57f8473eedaf7e8aad3b5bcbb16d373fd6aaec290c3230033fc50b5ec220e93520b8915c936e758bb19107429a49965516425350e012f8db0de6d4f6226b42ee
- SSDEEP
  
  3072:9PdIuG8UvahsdcYX3UI2EuJ3im/ZCdady+RlTp/VYq63+sB:9PBUyhsdEI2++M+RlTHYL
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  PFPortChecker.exe
- Size
  
  105KB
- MD5
  
  9a3a254b0816dfccb57dd53f9f738abe
- SHA1
  
  675b6143bca7bd9465b96d5128ed6d404276ed42
- SHA256
  
  7d0cff55359872a356b277353c324ea36e7e70e1c1efb0512db1daab0127b75b
- SHA512
  
  3e8e62c6040b78e556cc215833652fe9ec64e58bd9263eceb2dd44371ee7e05d0a50a450545940fb03265fedaa21dfef7ce4a159aa52d30d69b09dafbef41670
- SSDEEP
  
  1536:7OOL2MDhaXGsyNUZI6XCMpD58MchdSd1bYUZHTptZBGcZH:3Xh23yNUZI6SMWhdSd1bYUZHdtZBGq
Score

3^/10

discovery
behavioral17 behavioral18

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

discoveryspywarestealer

behavioral4

discoveryspywarestealer

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18