674ebf7a76f7527e4a7db25043a867c5226592353fa04a5c5043b5fb18c8c9c9

Sharing

Copy URL Twitter E-mail

General

Target

05f1dff7caf9c647d9ef63444159b39e_JaffaCakes118
Size

1.1MB
Sample

241001-qfc65avepb
MD5

05f1dff7caf9c647d9ef63444159b39e
SHA1

d2ecfac8a41d3ba8210be8c8969ca9c0e21b4deb
SHA256

674ebf7a76f7527e4a7db25043a867c5226592353fa04a5c5043b5fb18c8c9c9
SHA512

2795cb32918968f768fb19d6119a83158ffaf677c6b28b300e64c2d12121f4bca735c2baec8b3812e3b2261358f95a029c31e8e4f2d67d76e16d1dd7d4f82e1b
SSDEEP

24576:pI62UieZ6Ww/Fv/jEuBtwxebMHm/OPvToM6FELc9NVwR9DrxmT:y62LW6PoIbUm2Pv0M6F4c9/wbrxA

Score

7^/10

Malware Config

Targets

- Target
  
  05f1dff7caf9c647d9ef63444159b39e_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  05f1dff7caf9c647d9ef63444159b39e
- SHA1
  
  d2ecfac8a41d3ba8210be8c8969ca9c0e21b4deb
- SHA256
  
  674ebf7a76f7527e4a7db25043a867c5226592353fa04a5c5043b5fb18c8c9c9
- SHA512
  
  2795cb32918968f768fb19d6119a83158ffaf677c6b28b300e64c2d12121f4bca735c2baec8b3812e3b2261358f95a029c31e8e4f2d67d76e16d1dd7d4f82e1b
- SSDEEP
  
  24576:pI62UieZ6Ww/Fv/jEuBtwxebMHm/OPvToM6FELc9NVwR9DrxmT:y62LW6PoIbUm2Pv0M6F4c9/wbrxA
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $0/resultbrowser.dll
- Size
  
  980KB
- MD5
  
  d94e3da3ae8522dca3cd534e9e0428bd
- SHA1
  
  0f51656e138463f5ba6eb069f8b5f25d99d361b6
- SHA256
  
  582be66f1e5ae4ecf45b70d6a07e4deef31078d08e8498e6d7639c04e956363a
- SHA512
  
  528ab163c5dcf4f72d81d05569361f7ab581c60b7f66c01301892adcb3055067e8a01ca0327466c995ef3039dc4f08556431d04eaa37556915c07b07791b4dca
- SSDEEP
  
  24576:eeafH+xpjEc/HrIXQaRS7osRcmuirHEARaVLXH+pQlzp:IPQfrIXGcgdR+KGf
Score

1^/10
behavioral3 behavioral4
- Target
  
  $0/resultbrowser.exe
- Size
  
  25KB
- MD5
  
  3b9958542ff416d67651c4ec860b7ac6
- SHA1
  
  1037f29ff98f03909adc2aff2f6ef6a768cd6366
- SHA256
  
  425d68a33972a12bffa819204adbd9fb3bdddd2871859ae6d052d0bcec3824c6
- SHA512
  
  196f59f0222886a314a9e6958906175df914a23cc1331f88ec7b669e65097437c0e15cea1167e9858e8b86f9ba4e60431e943dc8ea4e5681232fd05f906a8757
- SSDEEP
  
  384:EkkZ3wGFLdQVLs2YiBlXo3a94R8btb60RQMn3Rjd8lkjN6/Wvily:EkkZgyhcYIlXga9DpjRQMn3RBC4Bal
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $0/uninstall.exe
- Size
  
  78KB
- MD5
  
  c9da060fb99795e11140d84f109ae67e
- SHA1
  
  65775d39acd3a6a8640dfc0f697e22ccf2b8c8d9
- SHA256
  
  229c990eedb88050c7579f87d2325383be775c65693e85468ee617f0b461a333
- SHA512
  
  dab5931e290440be3d6e7417632fc9cf56a645380498050281820b51adceb58fa3d1d4b96609aac70541d7823190c8aee668c3e655dfcf98700328298d068dc1
- SSDEEP
  
  1536:PEkjY1zy214Qay0DGkJ7qAELVigJMjccVocpX/OrwsKD7cis52/Dr:8kjAJ4dDGkJ+AI0KcntMwRcisY//
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  d765c492c21689e3d9d61634371fd861
- SHA1
  
  ac200933671ae52c9d5544d0e2e8e9144d286c83
- SHA256
  
  551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc
- SHA512
  
  9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f
- SSDEEP
  
  192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  fe24766ba314f620d57d0cf7339103c0
- SHA1
  
  8641545f03f03ff07485d6ec4d7b41cbb898c269
- SHA256
  
  802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd
- SHA512
  
  60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3
- SSDEEP
  
  192:rO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1aMBgMO:yKAFERdlxhGRYUzqZaMB
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  d765c492c21689e3d9d61634371fd861
- SHA1
  
  ac200933671ae52c9d5544d0e2e8e9144d286c83
- SHA256
  
  551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc
- SHA512
  
  9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f
- SSDEEP
  
  192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  10KB
- MD5
  
  fe24766ba314f620d57d0cf7339103c0
- SHA1
  
  8641545f03f03ff07485d6ec4d7b41cbb898c269
- SHA256
  
  802ef71440f662f456bed6283a5ff78066af016897fe6bfd29cac6edc2967bbd
- SHA512
  
  60d36959895cebf29c4e7713e6d414980139c7aa4ed1c8c96fefb672c1263af0ce909fb409534355895649c0e8056635112efb0da2ba05694446aec2ca77e2e3
- SSDEEP
  
  192:rO6dJA/ruAFEiUdWWE6hE5RYUdJfbub1aMBgMO:yKAFERdlxhGRYUzqZaMB
Score

3^/10

discovery
behavioral15 behavioral16

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Checks installed software on the system

Drops file in System32 directory

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16