6d46d3306477afcfd5a98c72a73bdb3d75ba0eb75bd24784315d0dffe867d4af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebe97de7eb312964b3d50382a2d48e36_JaffaCakes118
Size

7.9MB
Sample

240919-wrwqhasgqr
MD5

ebe97de7eb312964b3d50382a2d48e36
SHA1

d3a7954cc24186930308ae8f7197dafd8d0104d5
SHA256

6d46d3306477afcfd5a98c72a73bdb3d75ba0eb75bd24784315d0dffe867d4af
SHA512

5746c8dc6b7902bfa6c09ea7b42c4883882cd21d8307534ef55a3b6c1f13c3abc32b6dd58ad73fd64217b046d5eab207f8e0f0055defdf8dcc681cc4144173ea
SSDEEP

196608:foAXC9/n2bXviPVnc+GLKTEHpxkYmS9h4c5PapRzyExOtw2D:flywbKPVBGqXYVl9afmjJ

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  ebe97de7eb312964b3d50382a2d48e36_JaffaCakes118
- Size
  
  7.9MB
- MD5
  
  ebe97de7eb312964b3d50382a2d48e36
- SHA1
  
  d3a7954cc24186930308ae8f7197dafd8d0104d5
- SHA256
  
  6d46d3306477afcfd5a98c72a73bdb3d75ba0eb75bd24784315d0dffe867d4af
- SHA512
  
  5746c8dc6b7902bfa6c09ea7b42c4883882cd21d8307534ef55a3b6c1f13c3abc32b6dd58ad73fd64217b046d5eab207f8e0f0055defdf8dcc681cc4144173ea
- SSDEEP
  
  196608:foAXC9/n2bXviPVnc+GLKTEHpxkYmS9h4c5PapRzyExOtw2D:flywbKPVBGqXYVl9afmjJ
Score

7^/10

discovery spyware stealer
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer