df28b06ded37fd4ac998aea351b0549d3652bdc5828b1f9f97bd0eda5f6e9db9 | Triage

Sharing

General

Target

d37bae4bd95698b321d5e32a0d354715_JaffaCakes118
Size

26.7MB
Sample

240908-eh4w3swhlf
MD5

d37bae4bd95698b321d5e32a0d354715
SHA1

8abba12d16f1f4deeca0b80019dc34a5d72adbb5
SHA256

df28b06ded37fd4ac998aea351b0549d3652bdc5828b1f9f97bd0eda5f6e9db9
SHA512

9a73e41b00220cbe1cf54908d9b76463238b107e1eb23c79b9379246ef5bd7879cfd26acb31a974c163a278114cabdbf59612d483987e16920ce8fcf6babe009
SSDEEP

49152:XYgph7GBfWSkph7GBfWI/4MnYYJ2ZhqSGLHkJEMxzyV9lr:XX77GBfWz77GBfWpIDQxzyV9lr

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  d37bae4bd95698b321d5e32a0d354715_JaffaCakes118
- Size
  
  26.7MB
- MD5
  
  d37bae4bd95698b321d5e32a0d354715
- SHA1
  
  8abba12d16f1f4deeca0b80019dc34a5d72adbb5
- SHA256
  
  df28b06ded37fd4ac998aea351b0549d3652bdc5828b1f9f97bd0eda5f6e9db9
- SHA512
  
  9a73e41b00220cbe1cf54908d9b76463238b107e1eb23c79b9379246ef5bd7879cfd26acb31a974c163a278114cabdbf59612d483987e16920ce8fcf6babe009
- SSDEEP
  
  49152:XYgph7GBfWSkph7GBfWI/4MnYYJ2ZhqSGLHkJEMxzyV9lr:XX77GBfWz77GBfWpIDQxzyV9lr
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoveryspywarestealer