76803b3573b3267b43b50182e709959e175f6411b26d1e8d6fc19dd2e0225273 | Triage

Sharing

General

Target

3061d20a1a77db0d34d361f911df8d3b_JaffaCakes118
Size

1006KB
Sample

241010-rzcv5swcpq
MD5

3061d20a1a77db0d34d361f911df8d3b
SHA1

0b17681699ed1b43e2a8099454d97dbdb740b608
SHA256

76803b3573b3267b43b50182e709959e175f6411b26d1e8d6fc19dd2e0225273
SHA512

41e98d7fa079ac01c4ab7a82d81b41ecc1ba31ba770758cca83da4a057e419735780760e4b0c34030ffa42ab24610fe4afd0d115651709abe9e9d83548fc179a
SSDEEP

24576:+f/RMpsocGdc9tzeFK9iQVg6aHjIlW83d0ERwbP2a4FU9c:IJM7/mnVDa8toua4+

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  3061d20a1a77db0d34d361f911df8d3b_JaffaCakes118
- Size
  
  1006KB
- MD5
  
  3061d20a1a77db0d34d361f911df8d3b
- SHA1
  
  0b17681699ed1b43e2a8099454d97dbdb740b608
- SHA256
  
  76803b3573b3267b43b50182e709959e175f6411b26d1e8d6fc19dd2e0225273
- SHA512
  
  41e98d7fa079ac01c4ab7a82d81b41ecc1ba31ba770758cca83da4a057e419735780760e4b0c34030ffa42ab24610fe4afd0d115651709abe9e9d83548fc179a
- SSDEEP
  
  24576:+f/RMpsocGdc9tzeFK9iQVg6aHjIlW83d0ERwbP2a4FU9c:IJM7/mnVDa8toua4+
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer