3d81a247f984f627888006694b01701954455efe176fb575e2e4033450dadda9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc1038940147b8d86dfb8bf813632089_JaffaCakes118
Size

1.1MB
Sample

240928-l5lscazdrm
MD5

fc1038940147b8d86dfb8bf813632089
SHA1

eabf2dd312dcf4ceb084e2ba7156a3b1e5810a0d
SHA256

3d81a247f984f627888006694b01701954455efe176fb575e2e4033450dadda9
SHA512

bfb9fd7419c00818f15d68dfefbe4c18559fd4a887984fd59bc05cf8d445399b41998988031348dc07c880973562d72327748ba80245ace4eae6437f4a33a730
SSDEEP

24576:GeXWbswtoOotkmjCDq6mRlGdha+lGI/XrEhWK8:GeXWbbt/oNCDqnkdroEXrgWK

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  fc1038940147b8d86dfb8bf813632089_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  fc1038940147b8d86dfb8bf813632089
- SHA1
  
  eabf2dd312dcf4ceb084e2ba7156a3b1e5810a0d
- SHA256
  
  3d81a247f984f627888006694b01701954455efe176fb575e2e4033450dadda9
- SHA512
  
  bfb9fd7419c00818f15d68dfefbe4c18559fd4a887984fd59bc05cf8d445399b41998988031348dc07c880973562d72327748ba80245ace4eae6437f4a33a730
- SSDEEP
  
  24576:GeXWbswtoOotkmjCDq6mRlGdha+lGI/XrEhWK8:GeXWbbt/oNCDqnkdroEXrgWK
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer