b77657cbf63bc54172e1174528b55f9351f5769146db0d92091218eef65d4a68 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09e5eeb57e9fae2f38f9f5481aa715ea_JaffaCakes118
Size

158KB
Sample

241002-kyy9es1grb
MD5

09e5eeb57e9fae2f38f9f5481aa715ea
SHA1

071ae4fb73c1797ef7f3b8867a07479b8b0b0679
SHA256

b77657cbf63bc54172e1174528b55f9351f5769146db0d92091218eef65d4a68
SHA512

dffcd3bb36643b16d483c5092d4e7f98dc3f2c3c75b5f9e97f0b7622d29738cf77729b0cf24870d34e73632935e12f1d1fa6d1094be8996d425ef1583942c4b3
SSDEEP

3072:9vUCs8lyh+aJDcZ4vJnZVBf0Mhyyx+un5jFXEAfMjm1iv3:OqlylxcZkDf0Hyxp5jOAfT18

Score

7^/10

discovery persistence spyware stealer upx

Malware Config

Targets

- Target
  
  09e5eeb57e9fae2f38f9f5481aa715ea_JaffaCakes118
- Size
  
  158KB
- MD5
  
  09e5eeb57e9fae2f38f9f5481aa715ea
- SHA1
  
  071ae4fb73c1797ef7f3b8867a07479b8b0b0679
- SHA256
  
  b77657cbf63bc54172e1174528b55f9351f5769146db0d92091218eef65d4a68
- SHA512
  
  dffcd3bb36643b16d483c5092d4e7f98dc3f2c3c75b5f9e97f0b7622d29738cf77729b0cf24870d34e73632935e12f1d1fa6d1094be8996d425ef1583942c4b3
- SSDEEP
  
  3072:9vUCs8lyh+aJDcZ4vJnZVBf0Mhyyx+un5jFXEAfMjm1iv3:OqlylxcZkDf0Hyxp5jOAfT18
Score

7^/10

discovery persistence spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealerupx

behavioral2