0e71b12dfa307ad9bfc0d39de6b0b98e9d034655d61aebf6d7feeec489f116d9 | Triage

Sharing

General

Target

3780cb047ac6013c4947ee44331ecb54_JaffaCakes118
Size

1.0MB
Sample

241012-agehkswejn
MD5

3780cb047ac6013c4947ee44331ecb54
SHA1

744aedcc7b761fe0aaf29a48308bdff5bfbb2950
SHA256

0e71b12dfa307ad9bfc0d39de6b0b98e9d034655d61aebf6d7feeec489f116d9
SHA512

bfeed06e887c6c04f92d2efab3a95f0f6b1ba23d1d1c1d00f33da74a03b7cea9f7f4513c987aea5cb82833b52c4ee333261b86c37bb9e2a418ff9a2d125b511c
SSDEEP

24576:7cb+idvA0335VposjpUjZfxB+pbpTuSjSoFo8KTsHmAF5e:QRdX3pVpHjpUV58p9TuSjSoFo8KTUmAF

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  3780cb047ac6013c4947ee44331ecb54_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  3780cb047ac6013c4947ee44331ecb54
- SHA1
  
  744aedcc7b761fe0aaf29a48308bdff5bfbb2950
- SHA256
  
  0e71b12dfa307ad9bfc0d39de6b0b98e9d034655d61aebf6d7feeec489f116d9
- SHA512
  
  bfeed06e887c6c04f92d2efab3a95f0f6b1ba23d1d1c1d00f33da74a03b7cea9f7f4513c987aea5cb82833b52c4ee333261b86c37bb9e2a418ff9a2d125b511c
- SSDEEP
  
  24576:7cb+idvA0335VposjpUjZfxB+pbpTuSjSoFo8KTsHmAF5e:QRdX3pVpHjpUV58p9TuSjSoFo8KTUmAF
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer