General

  • Target

    2f9d3515126771b3aaf2b5b9851e650a_JaffaCakes118

  • Size

    77KB

  • Sample

    241009-mpm6xazhpq

  • MD5

    2f9d3515126771b3aaf2b5b9851e650a

  • SHA1

    cfe089d840903ca8931435154bebc241e6d7039e

  • SHA256

    9fda3ccd6db7fae09df7c82fe6a22f9b38855f6fc9be6ca516611def1b5bead8

  • SHA512

    42486393d4c4faec986108d86571d5772c1443c64722b2a04499d27c38d54a6fc801999932fb0e633a848583a50ad8d5ad6694d86433660afbd4aa84a09efd18

  • SSDEEP

    1536:VyQQnl/oM0Z6wfXOnIKPc00w1WIOqnToIf0Lar6:UtnlgM00wwPcjw10GTBf3

Malware Config

Targets

    • Reads WinSCP keys stored on the system

      Tries to access WinSCP stored sessions.

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Unsecured Credentials: Credentials In Files

      Steals credentials from unsecured files.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15

Tasks