11eb3ad75916fcc6ae9a11235257270cf0152c68fc7b57b857e8c33c73eaf9bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09bf64000cef98dd073daab58754d140_JaffaCakes118
Size

1.0MB
Sample

241002-j99nvszenh
MD5

09bf64000cef98dd073daab58754d140
SHA1

5725886cd6a283591a8b973dd34aa33329472bed
SHA256

11eb3ad75916fcc6ae9a11235257270cf0152c68fc7b57b857e8c33c73eaf9bb
SHA512

13b6331d579fee7abad622432beda8d8dde41848e9b31bb95553364376a3ce4c1b41f040d531b13b1a534f7a815ad99558c53de1a5aa3b4bb687b86b5e3a52a1
SSDEEP

12288:10wtBCKqYKqphuDsBwGs9eX0KLVOL5Z0hxj7xwDzTGZEFf+1x3Umlrd1ppNx:10wfnKXsNs9eEwcAj7x8VK5Rx

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  09bf64000cef98dd073daab58754d140_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  09bf64000cef98dd073daab58754d140
- SHA1
  
  5725886cd6a283591a8b973dd34aa33329472bed
- SHA256
  
  11eb3ad75916fcc6ae9a11235257270cf0152c68fc7b57b857e8c33c73eaf9bb
- SHA512
  
  13b6331d579fee7abad622432beda8d8dde41848e9b31bb95553364376a3ce4c1b41f040d531b13b1a534f7a815ad99558c53de1a5aa3b4bb687b86b5e3a52a1
- SSDEEP
  
  12288:10wtBCKqYKqphuDsBwGs9eX0KLVOL5Z0hxj7xwDzTGZEFf+1x3Umlrd1ppNx:10wfnKXsNs9eEwcAj7x8VK5Rx
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer