6b072e4c3576ff05d12a718193e91af6a23640dc63367a774753039279579899 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbcc73fab641f90bbb5824cfda8cace4_JaffaCakes118
Size

996KB
Sample

240823-p2twbsvbpd
MD5

bbcc73fab641f90bbb5824cfda8cace4
SHA1

a4ef8f2b1807f2aaa10c844701c6dd8e3a236abf
SHA256

6b072e4c3576ff05d12a718193e91af6a23640dc63367a774753039279579899
SHA512

3a0cc1b1ab7ce3be415c13eea4bfaa58ec60bfea40bff4888fde851ce76b315dada9da9b823fcdd698a245ec9e170317dabda6ce0bdedadd4e14b872c2ef3a3a
SSDEEP

24576:eWyIhytbCa4JPJPlDhcB3RsETJuwFy/bSkedElTTm1we3o5kW:eWyEgb+JPJPlDyg0J9Fy/bS1ITTm53o2

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  bbcc73fab641f90bbb5824cfda8cace4_JaffaCakes118
- Size
  
  996KB
- MD5
  
  bbcc73fab641f90bbb5824cfda8cace4
- SHA1
  
  a4ef8f2b1807f2aaa10c844701c6dd8e3a236abf
- SHA256
  
  6b072e4c3576ff05d12a718193e91af6a23640dc63367a774753039279579899
- SHA512
  
  3a0cc1b1ab7ce3be415c13eea4bfaa58ec60bfea40bff4888fde851ce76b315dada9da9b823fcdd698a245ec9e170317dabda6ce0bdedadd4e14b872c2ef3a3a
- SSDEEP
  
  24576:eWyIhytbCa4JPJPlDhcB3RsETJuwFy/bSkedElTTm1we3o5kW:eWyEgb+JPJPlDyg0J9Fy/bS1ITTm53o2
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer