cd1fde3cec50f62f3fac13b8171c5648eaf9e5d89692c8f57f9bf1a41e09621c | Triage

Sharing

General

Target

ea800d4165a93967a9ccb9d1aec4a244_JaffaCakes118
Size

1006KB
Sample

240919-d1dxyayfkq
MD5

ea800d4165a93967a9ccb9d1aec4a244
SHA1

5c391cfbb8813e0b0958c2364c09bdfed6e45fbd
SHA256

cd1fde3cec50f62f3fac13b8171c5648eaf9e5d89692c8f57f9bf1a41e09621c
SHA512

7948da977d4a790dbef489e13613189048d57917c252239c6b6fac47623454cb3e0a8964317a02073841a2041964b0972c57bc77a7a3843bf84f3ce65e5b7cb2
SSDEEP

24576:+f/RMpsocGdc9tzeFK9iQVg6aHjIlW83d0ERwbP2a4FU9c:IJM7/mnVDa8toua4+

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  ea800d4165a93967a9ccb9d1aec4a244_JaffaCakes118
- Size
  
  1006KB
- MD5
  
  ea800d4165a93967a9ccb9d1aec4a244
- SHA1
  
  5c391cfbb8813e0b0958c2364c09bdfed6e45fbd
- SHA256
  
  cd1fde3cec50f62f3fac13b8171c5648eaf9e5d89692c8f57f9bf1a41e09621c
- SHA512
  
  7948da977d4a790dbef489e13613189048d57917c252239c6b6fac47623454cb3e0a8964317a02073841a2041964b0972c57bc77a7a3843bf84f3ce65e5b7cb2
- SSDEEP
  
  24576:+f/RMpsocGdc9tzeFK9iQVg6aHjIlW83d0ERwbP2a4FU9c:IJM7/mnVDa8toua4+
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer