120473fb67eff28111c32022e7ecc88467502486c7c9721d6cbaea7020866cf1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebe4ec3ea0c9bbc319b1848ec97b6eed_JaffaCakes118
Size

1.1MB
Sample

240919-wk2m6sseln
MD5

ebe4ec3ea0c9bbc319b1848ec97b6eed
SHA1

9cc26632a2e9140b7df91be88455d24a7df29f2a
SHA256

120473fb67eff28111c32022e7ecc88467502486c7c9721d6cbaea7020866cf1
SHA512

c9b5c9adfe5891ea9c39885e9ac478df29aba396749cc07e97fa32ed753b5a4f0ce7e4ca1e7be2b39c973827bee5cc5cb84a51948122edd65050022481c94967
SSDEEP

24576:bQJSP96tATSZst9gI2phBG3wRcrW0vi2+Y8+aj6I2Mljb/pjdD4TjaX6UnDPAKl5:bQIPEtA4sH+hBCVieQJp4T2TnT

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  ebe4ec3ea0c9bbc319b1848ec97b6eed_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  ebe4ec3ea0c9bbc319b1848ec97b6eed
- SHA1
  
  9cc26632a2e9140b7df91be88455d24a7df29f2a
- SHA256
  
  120473fb67eff28111c32022e7ecc88467502486c7c9721d6cbaea7020866cf1
- SHA512
  
  c9b5c9adfe5891ea9c39885e9ac478df29aba396749cc07e97fa32ed753b5a4f0ce7e4ca1e7be2b39c973827bee5cc5cb84a51948122edd65050022481c94967
- SSDEEP
  
  24576:bQJSP96tATSZst9gI2phBG3wRcrW0vi2+Y8+aj6I2Mljb/pjdD4TjaX6UnDPAKl5:bQIPEtA4sH+hBCVieQJp4T2TnT
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer