b362c6c830d6ab1bbde049cf98dae45c9c51e3b2b89e6170e25583db984f5843 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07d13b1b4001e8ac06df200973ae8fda_JaffaCakes118
Size

1.3MB
Sample

241001-272vcazakd
MD5

07d13b1b4001e8ac06df200973ae8fda
SHA1

5aef397b0d7ca659cfe669288b043e3be3b8608e
SHA256

b362c6c830d6ab1bbde049cf98dae45c9c51e3b2b89e6170e25583db984f5843
SHA512

c0b893112220eec616451467ae628be88aa1d9afbe5771d3855f5db8575e95c0f41cb8656d8dadc9c8d509c9ceae7e14b67652a5eb76bdb7600aeabbb86f3c96
SSDEEP

24576:g33RSdYIE20sCYUQxEnZ4NGAARdYRUuLHEwpzxz0DLacT06:gnRSdksCYiZ6AuLHEwpdz0DucT5

Score

7^/10

discovery evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  07d13b1b4001e8ac06df200973ae8fda_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  07d13b1b4001e8ac06df200973ae8fda
- SHA1
  
  5aef397b0d7ca659cfe669288b043e3be3b8608e
- SHA256
  
  b362c6c830d6ab1bbde049cf98dae45c9c51e3b2b89e6170e25583db984f5843
- SHA512
  
  c0b893112220eec616451467ae628be88aa1d9afbe5771d3855f5db8575e95c0f41cb8656d8dadc9c8d509c9ceae7e14b67652a5eb76bdb7600aeabbb86f3c96
- SSDEEP
  
  24576:g33RSdYIE20sCYUQxEnZ4NGAARdYRUuLHEwpzxz0DLacT06:gnRSdksCYiZ6AuLHEwpdz0DucT5
Score

7^/10

discovery evasion spyware stealer trojan
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionspywarestealertrojan

behavioral2

discoveryevasionspywarestealertrojan