1264fc17a2603523683becb2585c3308be2e49b0ea5ed988db5e7e510fa6f1d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ead204d150c014d78c1e0699ecfa59b_JaffaCakes118
Size

1.1MB
Sample

241003-jrh37awenc
MD5

0ead204d150c014d78c1e0699ecfa59b
SHA1

f351dcc5e753ac0ba81bd423a98deef54f35bbb6
SHA256

1264fc17a2603523683becb2585c3308be2e49b0ea5ed988db5e7e510fa6f1d2
SHA512

72e35f6d40a35dce34a3ff3d4f539d8d8d46ac364dade583f6a168cd0053d66581e57e04c758f6a710c86783c81ba6925f6438130d1fcbe7c22aceabb54f0b3f
SSDEEP

24576:bQJSP96tATSZst9gI2phBG3wRcrW0vi2+Y8+aj6I2Mljb/pjdD4TjaX6UnDPAKl5:bQIPEtA4sH+hBCVieQJp4T2TnT

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  0ead204d150c014d78c1e0699ecfa59b_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  0ead204d150c014d78c1e0699ecfa59b
- SHA1
  
  f351dcc5e753ac0ba81bd423a98deef54f35bbb6
- SHA256
  
  1264fc17a2603523683becb2585c3308be2e49b0ea5ed988db5e7e510fa6f1d2
- SHA512
  
  72e35f6d40a35dce34a3ff3d4f539d8d8d46ac364dade583f6a168cd0053d66581e57e04c758f6a710c86783c81ba6925f6438130d1fcbe7c22aceabb54f0b3f
- SSDEEP
  
  24576:bQJSP96tATSZst9gI2phBG3wRcrW0vi2+Y8+aj6I2Mljb/pjdD4TjaX6UnDPAKl5:bQIPEtA4sH+hBCVieQJp4T2TnT
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer