1546dd47c4496ab8241c356b85fd75cc4e5f26d962cdb2928d10be61442015d5 | Triage

Sharing

General

Target

14e61019c661a19defd1f72fdd9a68e6_JaffaCakes118
Size

1.3MB
Sample

241004-zsr1gswcjk
MD5

14e61019c661a19defd1f72fdd9a68e6
SHA1

f57eac5e6af38c47a8f9166b27cf8c8752642163
SHA256

1546dd47c4496ab8241c356b85fd75cc4e5f26d962cdb2928d10be61442015d5
SHA512

b3f9a172e6d5192e0e8a56f51e417f3b02fa5e2723d78a6315ac33e1c1af143fb0cd03ab6ef3f3d4fb45ea84d48c63ec2400839751392c5b963221a1118542da
SSDEEP

24576:g33RSdYIE20sCYUQxEnZ4NGAARdYRUuLHEwpzxz0DLacT06:gnRSdksCYiZ6AuLHEwpdz0DucT5

Score

7^/10

discovery evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  14e61019c661a19defd1f72fdd9a68e6_JaffaCakes118
- Size
  
  1.3MB
- MD5
  
  14e61019c661a19defd1f72fdd9a68e6
- SHA1
  
  f57eac5e6af38c47a8f9166b27cf8c8752642163
- SHA256
  
  1546dd47c4496ab8241c356b85fd75cc4e5f26d962cdb2928d10be61442015d5
- SHA512
  
  b3f9a172e6d5192e0e8a56f51e417f3b02fa5e2723d78a6315ac33e1c1af143fb0cd03ab6ef3f3d4fb45ea84d48c63ec2400839751392c5b963221a1118542da
- SSDEEP
  
  24576:g33RSdYIE20sCYUQxEnZ4NGAARdYRUuLHEwpzxz0DLacT06:gnRSdksCYiZ6AuLHEwpdz0DucT5
Score

7^/10

discovery evasion spyware stealer trojan
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Browser Information Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionspywarestealertrojan

behavioral2

discoveryevasionspywarestealertrojan