787f5e7ef2ffd3f642d62d68ae840fb5875158f25815dc32215b20760e7e7c3e | Triage

Sharing

General

Target

da93e572718d1c2154e55a0a238ed673_JaffaCakes118
Size

80KB
Sample

240911-r5b6sswhlg
MD5

da93e572718d1c2154e55a0a238ed673
SHA1

82d9e925c889780faf06ef5525cb3abb8a0c88df
SHA256

787f5e7ef2ffd3f642d62d68ae840fb5875158f25815dc32215b20760e7e7c3e
SHA512

6ddaa8c71263e4b06cef10d5a755a4e38d7ae09a2cad89f6f65296c5dd7394272c69432cf5ee968334bea1eb0d3ce71b88b31bdd078b19f2bda1f2db6075df41
SSDEEP

1536:K7UxyGtordZ1Z2qSDnoDUP3pNkM00M1NgqHTJKqO9O:grJSDnogP3u0M16GTJK59O

Score

9^/10

credential_access spyware stealer

Malware Config

Targets

- Target
  
  da93e572718d1c2154e55a0a238ed673_JaffaCakes118
- Size
  
  80KB
- MD5
  
  da93e572718d1c2154e55a0a238ed673
- SHA1
  
  82d9e925c889780faf06ef5525cb3abb8a0c88df
- SHA256
  
  787f5e7ef2ffd3f642d62d68ae840fb5875158f25815dc32215b20760e7e7c3e
- SHA512
  
  6ddaa8c71263e4b06cef10d5a755a4e38d7ae09a2cad89f6f65296c5dd7394272c69432cf5ee968334bea1eb0d3ce71b88b31bdd078b19f2bda1f2db6075df41
- SSDEEP
  
  1536:K7UxyGtordZ1Z2qSDnoDUP3pNkM00M1NgqHTJKqO9O:grJSDnogP3u0M16GTJK59O
Score

9^/10

credential_access spyware stealer
- Credentials from Password Stores: Credentials from Web Browsers
  Malicious Access or copy of Web Browser Credential store.
  credential_access stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
  credential_access stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessspywarestealer

behavioral2

credential_accessspywarestealer