6359fa437ec1e96d701f7a64b3eb764ca61fb9a1df6c4717ffacefb78ef6795e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

387495b18bfddb7b9df269cb2041da7a_JaffaCakes118
Size

1.1MB
Sample

241012-fbmvnatfmh
MD5

387495b18bfddb7b9df269cb2041da7a
SHA1

dc6b2af3a8a2c171f2186cb6df402fc95cdc49c9
SHA256

6359fa437ec1e96d701f7a64b3eb764ca61fb9a1df6c4717ffacefb78ef6795e
SHA512

3a790a13c61e14db7c9c9c7d0723be8a7f8f552e06d304efe04a92909add9180bac5a7bbf17f306f6feafa0c7d92943c676a0e19703cb04288a3f1e7237831a3
SSDEEP

24576:WtFLNV+/+iQdy9W3cs9jwv1RuXlCCT0Ulk2m6JuHMfMoh:GLCW3c0j2mkCTfle6JuHMfM

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  387495b18bfddb7b9df269cb2041da7a_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  387495b18bfddb7b9df269cb2041da7a
- SHA1
  
  dc6b2af3a8a2c171f2186cb6df402fc95cdc49c9
- SHA256
  
  6359fa437ec1e96d701f7a64b3eb764ca61fb9a1df6c4717ffacefb78ef6795e
- SHA512
  
  3a790a13c61e14db7c9c9c7d0723be8a7f8f552e06d304efe04a92909add9180bac5a7bbf17f306f6feafa0c7d92943c676a0e19703cb04288a3f1e7237831a3
- SSDEEP
  
  24576:WtFLNV+/+iQdy9W3cs9jwv1RuXlCCT0Ulk2m6JuHMfMoh:GLCW3c0j2mkCTfle6JuHMfM
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer