Overview

overview

7

Static

static

3

da10a493ba...18.exe

windows7-x64

7

da10a493ba...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    da10a493ba96f220d9d985a05be1148a_JaffaCakes118

  • Size

    568KB

  • Sample

    240911-ljl6zsthla

  • MD5

    da10a493ba96f220d9d985a05be1148a

  • SHA1

    c08da574d5c2b538e592d92e605972cbeb8c0f13

  • SHA256

    d0d4ea31d7cc201b7bab4f0b333e8cea4db680c6367afb427d1c1a783d633d0f

  • SHA512

    fdb50ea4a1d56748c1ad31a04ba00e6fc811eee8d5b283dce0a5e600afe2c2e9cdebb873bd500921a133bea2b5b5bdb7aa6907efd25190faee54c70692d87c02

  • SSDEEP

    12288:TmYFeoLCtrqavdiZDz356DtwE9eC6RFJgD2pBxxBGIP5SJjW4Gp:TCYwyTk

Score
7/10
credential_accessdiscoveryspywarestealer

Malware Config

Targets

    • Target

      da10a493ba96f220d9d985a05be1148a_JaffaCakes118

    • Size

      568KB

    • MD5

      da10a493ba96f220d9d985a05be1148a

    • SHA1

      c08da574d5c2b538e592d92e605972cbeb8c0f13

    • SHA256

      d0d4ea31d7cc201b7bab4f0b333e8cea4db680c6367afb427d1c1a783d633d0f

    • SHA512

      fdb50ea4a1d56748c1ad31a04ba00e6fc811eee8d5b283dce0a5e600afe2c2e9cdebb873bd500921a133bea2b5b5bdb7aa6907efd25190faee54c70692d87c02

    • SSDEEP

      12288:TmYFeoLCtrqavdiZDz356DtwE9eC6RFJgD2pBxxBGIP5SJjW4Gp:TCYwyTk

    Score
    7/10
    credential_accessdiscoveryspywarestealer

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

      spywarestealer

    • Unsecured Credentials: Credentials In Files

      Steal credentials from unsecured files.

      credential_accessstealer

    • Uses the VBS compiler for execution

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks