d23e3550fb1253fc6d6218605d222f4aec9632ccb22b48325ffc5a94f5b6b752 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fcdabbb3d72ab9755fbf7affc0357773_JaffaCakes118
Size

1.0MB
Sample

240928-wnm9ysyeqp
MD5

fcdabbb3d72ab9755fbf7affc0357773
SHA1

e01b0a6c83861429526b83a581c70aa81bdcadc3
SHA256

d23e3550fb1253fc6d6218605d222f4aec9632ccb22b48325ffc5a94f5b6b752
SHA512

f1630dee74a152909a3f3555857db7ce509a39ef8371217d4800b8658532c54e413b8a12cb64f943c9e0f4175fc3bf84236ddd4d472c16f3dce3a50e189740e9
SSDEEP

24576:YvkQhyUP8bdh3jCUSpZfRgb8NflG6lNp+4NXS8WFPgTDOsWQdxDwsOmefp:2kQrP8P3GUSpVcKflFYIS8WJcisNTD+b

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  fcdabbb3d72ab9755fbf7affc0357773_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  fcdabbb3d72ab9755fbf7affc0357773
- SHA1
  
  e01b0a6c83861429526b83a581c70aa81bdcadc3
- SHA256
  
  d23e3550fb1253fc6d6218605d222f4aec9632ccb22b48325ffc5a94f5b6b752
- SHA512
  
  f1630dee74a152909a3f3555857db7ce509a39ef8371217d4800b8658532c54e413b8a12cb64f943c9e0f4175fc3bf84236ddd4d472c16f3dce3a50e189740e9
- SSDEEP
  
  24576:YvkQhyUP8bdh3jCUSpZfRgb8NflG6lNp+4NXS8WFPgTDOsWQdxDwsOmefp:2kQrP8P3GUSpVcKflFYIS8WJcisNTD+b
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer