16e2e19d873ac42213060166d37110bff1bd93747cecf614b98511548d58526e | Triage

Sharing

General

Target

c0fe581312f1a4a5803a1ca55cadf318_JaffaCakes118
Size

1.1MB
Sample

240825-sge38asblr
MD5

c0fe581312f1a4a5803a1ca55cadf318
SHA1

20c1d2f2d7214795c6a3b8e7df4fa0094cd79433
SHA256

16e2e19d873ac42213060166d37110bff1bd93747cecf614b98511548d58526e
SHA512

08489fee4bd2f68f69d0d37fc587425e78cc280a118e12307d24466136eff4b8e70c0a91773e6810ed809c9fb0874d260535e694d4d25dff5f56ef297bde19c8
SSDEEP

24576:hk9/HCSOGpQ9ACRPYvHKoBuBjWcoBIrpFIH8rQ6AdcmZHFSpy:hyfNOGpQVYv/BmjWTBIrpFIHeQ7cmus

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  Quick Start/Quick Start.exe
- Size
  
  2.3MB
- MD5
  
  1dc4679045ed387c64444d1ed801d950
- SHA1
  
  535f1b3a46ad8b63c578ed37f26d6a32ce5c5f38
- SHA256
  
  f944697d3ec510d5fd1630b466852a85e816375e6595eb935aa6b48bb027c49f
- SHA512
  
  722e7716c4a247ebed2fca72d89285460959684fc81ff56ad1213dc2555a7fb24be5b3a63bcd7564b2895d8b9ec087abcca9d7a9d8e1a3bd634a34f0b793b01a
- SSDEEP
  
  49152:lzaGJCbuzVRC3fCh66H0iCNyiXr/QKS9exZx9er:lzaOCCzVqCh66H0iCsiXrwMxjM
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  Quick Start/tools/clear/clear.bat
- Size
  
  654B
- MD5
  
  64208d29c61a2466996e0c9dcba911ee
- SHA1
  
  aeeb099aa5f76a10ee4a3d534209fbcc3dc6118e
- SHA256
  
  3761ef6eb09e3d4febe6001d85176bd0d5f2fad7e0df551db99e12a6d0679c56
- SHA512
  
  5912ecf309aad539f602a55eaf976606bdc0c9ce628341debe086fc05cedbd39a1b417c70fc3b86d15f2cd03a6e2542d64491b47eb1f60ef590d7b59019b1b3c
Score

7^/10

spyware stealer
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral3 behavioral4
- Target
  
  Quick Start/tools/date/万年历.exe
- Size
  
  983KB
- MD5
  
  c8d63d08ef90c146e9f94b0d85129b0e
- SHA1
  
  6ae0f2566d5975db841a0194d6542367a7073574
- SHA256
  
  b5f392ee7e8a96fdcc27b4aaab883464e402aa99e06e9deeff74467e48d11d15
- SHA512
  
  405ff8283907eda113d41e026fbb3fb1bca0d2aa6ec3f0c9a8c80855fb6416bac8cf8ddef12acb5e174a68f3fe06841ee42b54bea23da01276af5d43ba2aa19f
- SSDEEP
  
  24576:vM6EIiTQ73bdSErnA7AJWzQUeeSND3VxPPmXC8:vMNkjoErBWzQv3r+
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  Quick Start/tools/screensavers lock/screensavers lock.exe
- Size
  
  659KB
- MD5
  
  278800662f7dfd451cd184956b49b644
- SHA1
  
  d75eb64e0aa82098cd0243ba2439bfcf3c9edfb6
- SHA256
  
  38916c24a0e635759a66c10f9c2fcdc4a6f875725a47c3d4f53069ed7b3b0a27
- SHA512
  
  f33c1ee5d03d9e0b64ca8bca043ea4908f648541af060a2488a1e29718e7fd90ae5692baa59f2fbcd92685aa19f252c900751c44b28b06156e4885cc71ce9369
- SSDEEP
  
  12288:zKps6F36tsXJ2EMZwIHw5rmoRmUHKRDe273P6I/uU1p0z:zON96kJ2EMnw5ymq7Dd
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  Quick Start/新云软件.url
- Size
  
  133B
- MD5
  
  4f0017b3b346bd0626f0c3b915e6e734
- SHA1
  
  823bf3ff9e16cd636c9dc0dc690d6a586fcbfe92
- SHA256
  
  df65af1fc1e09f6effbde7e0ef1cb64d6caeef1f62b0e6467821efa032533678
- SHA512
  
  0f5eb5024cf6a0323f7998d419995a707c48de917a5899a185369e6acfeb17c09ffa03f7d110adc87b8de20b7d4bf30d50c72479bfb18614d2e21cbe169dc5a6
Score

1^/10
behavioral10 behavioral9

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10