a8025d2e5ccf2abd292be8b7202856707b8cfb51035d6f7adf46f39164d71aa1 | Triage

Sharing

General

Target

11dad73eab13f42c23624e434ecf10dc_JaffaCakes118
Size

12KB
Sample

241004-e7znnayend
MD5

11dad73eab13f42c23624e434ecf10dc
SHA1

1ab7183a2fc8fdeb673fd1255dfe772f0ec8a020
SHA256

a8025d2e5ccf2abd292be8b7202856707b8cfb51035d6f7adf46f39164d71aa1
SHA512

12e2c2b9f012e94e4a3b9e2dceaf012c52495d6c497663c3c5a3c44cfaa0f76ccbdcb1dc4ffba861e0bc8526b0e6fb18a92600866ebe5439132f869dec210fb8
SSDEEP

192:cy1LLsJ/+bQeZqBXtkXrZuX2ngyO9AICTb7np4Z0moIaP2JFa54S/M:c1/+EM4tkb0X2zO930n80qNJFwU

Score

7^/10

credential_access discovery spyware stealer

Malware Config

Targets

- Target
  
  11dad73eab13f42c23624e434ecf10dc_JaffaCakes118
- Size
  
  12KB
- MD5
  
  11dad73eab13f42c23624e434ecf10dc
- SHA1
  
  1ab7183a2fc8fdeb673fd1255dfe772f0ec8a020
- SHA256
  
  a8025d2e5ccf2abd292be8b7202856707b8cfb51035d6f7adf46f39164d71aa1
- SHA512
  
  12e2c2b9f012e94e4a3b9e2dceaf012c52495d6c497663c3c5a3c44cfaa0f76ccbdcb1dc4ffba861e0bc8526b0e6fb18a92600866ebe5439132f869dec210fb8
- SSDEEP
  
  192:cy1LLsJ/+bQeZqBXtkXrZuX2ngyO9AICTb7np4Z0moIaP2JFa54S/M:c1/+EM4tkb0X2zO930n80qNJFwU
Score

7^/10

credential_access discovery spyware stealer
- Reads data files stored by FTP clients
  Tries to access configuration files associated with programs like FileZilla.
  spyware stealer
- Reads local data of messenger clients
  Infostealers often target stored data of messaging applications, which can include saved credentials and account information.
  spyware stealer
- Unsecured Credentials: Credentials In Files
  Steal credentials from unsecured files.
  credential_access stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

credential_accessdiscoveryspywarestealer

behavioral2