d1cdd85e7d99520ed150d5c0b91348761d8c74f9c1ea95472d26425a05a28e17 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dc967829d0b00c360dfb8a373aa5660_JaffaCakes118
Size

781KB
Sample

241013-e2zfpsyhjf
MD5

3dc967829d0b00c360dfb8a373aa5660
SHA1

0f7572910b8ab86ed71a52f0a15505b5ecdfe86b
SHA256

d1cdd85e7d99520ed150d5c0b91348761d8c74f9c1ea95472d26425a05a28e17
SHA512

2ee5ede09b285212b32084ff602f0cc27dfe2113706a515755f5a34cd9c8c0336a8b2ee657a12d3780b3506cf484a511c463837c28627384f4fe69cfd5ba0298
SSDEEP

24576:goL72K3gOcHQTCUPv/QyS8UwGo7M95wmHy:gqaK3gjQd/xLU6ADwmHy

Score

7^/10

discovery persistence spyware stealer upx

Malware Config

Targets

- Target
  
  3dc967829d0b00c360dfb8a373aa5660_JaffaCakes118
- Size
  
  781KB
- MD5
  
  3dc967829d0b00c360dfb8a373aa5660
- SHA1
  
  0f7572910b8ab86ed71a52f0a15505b5ecdfe86b
- SHA256
  
  d1cdd85e7d99520ed150d5c0b91348761d8c74f9c1ea95472d26425a05a28e17
- SHA512
  
  2ee5ede09b285212b32084ff602f0cc27dfe2113706a515755f5a34cd9c8c0336a8b2ee657a12d3780b3506cf484a511c463837c28627384f4fe69cfd5ba0298
- SSDEEP
  
  24576:goL72K3gOcHQTCUPv/QyS8UwGo7M95wmHy:gqaK3gjQd/xLU6ADwmHy
Score

7^/10

discovery persistence spyware stealer upx
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistencespywarestealerupx

behavioral2