4e97a607e87188b686b0cbd9503f4e26f9811802edd41c5290f53a7408fad50b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bdfa1aaf812ebdb8b0ff96826b9c77e7_JaffaCakes118
Size

1.5MB
Sample

240824-f69b5sxbrq
MD5

bdfa1aaf812ebdb8b0ff96826b9c77e7
SHA1

af10b909431ea55df54b9af1e1a119bf85674843
SHA256

4e97a607e87188b686b0cbd9503f4e26f9811802edd41c5290f53a7408fad50b
SHA512

476ea988356a9bcd1fc473d24d8c054529cbbe8680b2e12e99388456560957f9433063ecea9ebedac981581cd30ac46913e92314c7bdc7168fc6e9f22ab1eea8
SSDEEP

24576:72RtsxfT5Ecc6hwjZhWlkPzYiPnoIs9WoyZpGeWJkRUndufH5NTQ9FjnOAJI1G:+kfTNEfWlQzBPnoIs9WoynWaaAfXTYFN

Score

7^/10

discovery evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  bdfa1aaf812ebdb8b0ff96826b9c77e7_JaffaCakes118
- Size
  
  1.5MB
- MD5
  
  bdfa1aaf812ebdb8b0ff96826b9c77e7
- SHA1
  
  af10b909431ea55df54b9af1e1a119bf85674843
- SHA256
  
  4e97a607e87188b686b0cbd9503f4e26f9811802edd41c5290f53a7408fad50b
- SHA512
  
  476ea988356a9bcd1fc473d24d8c054529cbbe8680b2e12e99388456560957f9433063ecea9ebedac981581cd30ac46913e92314c7bdc7168fc6e9f22ab1eea8
- SSDEEP
  
  24576:72RtsxfT5Ecc6hwjZhWlkPzYiPnoIs9WoyZpGeWJkRUndufH5NTQ9FjnOAJI1G:+kfTNEfWlQzBPnoIs9WoynWaaAfXTYFN
Score

7^/10

discovery evasion spyware stealer trojan
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionspywarestealertrojan

behavioral2

discoveryspywarestealer