e018fa11ca7c4892a6633235cbab4e9d2303bda665c94ca39ede5368b88f07a5

Sharing

Copy URL Twitter E-mail

General

Target

4171c7eb9f545aba8e637c4b1f9c2c3b_JaffaCakes118
Size

97KB
Sample

241013-xae7vswdrr
MD5

4171c7eb9f545aba8e637c4b1f9c2c3b
SHA1

069d425d9b777da03c4db4fed84f2cb85e6a67c3
SHA256

e018fa11ca7c4892a6633235cbab4e9d2303bda665c94ca39ede5368b88f07a5
SHA512

62fbdd8e1a06746295ba7126264eb657bb699224ae2b3f41063c1b6e67d36148fdf734c1c88bb91b18fc25edfe8ab06831003227fe3eb6b6213ebd89b1c93af0
SSDEEP

1536:/FYSF3bc72R2WbtjZTovF/AvSw6RghJGwcBrHuH14VVzLMbhN2mHsRModJ:/Pg729btBovpvw6RaMwArOHM9gLDs6k

Score

7^/10

Malware Config

Targets

- Target
  
  4171c7eb9f545aba8e637c4b1f9c2c3b_JaffaCakes118
- Size
  
  97KB
- MD5
  
  4171c7eb9f545aba8e637c4b1f9c2c3b
- SHA1
  
  069d425d9b777da03c4db4fed84f2cb85e6a67c3
- SHA256
  
  e018fa11ca7c4892a6633235cbab4e9d2303bda665c94ca39ede5368b88f07a5
- SHA512
  
  62fbdd8e1a06746295ba7126264eb657bb699224ae2b3f41063c1b6e67d36148fdf734c1c88bb91b18fc25edfe8ab06831003227fe3eb6b6213ebd89b1c93af0
- SSDEEP
  
  1536:/FYSF3bc72R2WbtjZTovF/AvSw6RghJGwcBrHuH14VVzLMbhN2mHsRModJ:/Pg729btBovpvw6RaMwArOHM9gLDs6k
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/StartMenu.dll
- Size
  
  9KB
- MD5
  
  ae9359526fab6b323351b4976a450bd3
- SHA1
  
  63d528ed60988ad76e58e2079292694eff0d4102
- SHA256
  
  aee4def1e2b759e8f2731abd907bdd9f662d2fd732195460435b4dc02ec73be6
- SHA512
  
  e67b995370fb4877d739ac04740abf369326cefdc3660d84ad1275331f48ccfcb30e54dfaf858cc58db472ebcbf74cd563e3a117c30156720ad747b6e06b86d9
- SSDEEP
  
  96:p0gUUpZMb4pkXuzaVS1pZkrDSgPKqjOYiktlcvFBtsxwwhICZ:zpZS+zac+KdqjOYRcNB6x9ICZ
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $TEMP/DecodingHQ.exe
- Size
  
  18KB
- MD5
  
  9b0f21941d4b1d0e1b3cc53b1c3eda1f
- SHA1
  
  cad7a151d3c5a34bbc2c954c2769de02177257eb
- SHA256
  
  8a93e69379430dc0e3eec63c4144f244eda89c59ff86f6fb804c5aaded72c7ec
- SHA512
  
  e8b82582ab4bdf082153fa84e0160880dfb533cced65e014ab16dcf7d2c67482c625ff3ef7d3cef89319d3d5da71599646fffb671cacd53acc61145006d18a5c
- SSDEEP
  
  384:JVZ53Lk3hFFo9L/uD/BncqT8+cNzhiqhYIzuMoIxhy3QL5DhVZ:JVZ6CbuD/tcqpiYKuM3AE51VZ
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral5 behavioral6
- Target
  
  Uninstall.exe
- Size
  
  64KB
- MD5
  
  86cf9257397ac962a5c23de0b8ca1856
- SHA1
  
  86991c8a70875d1d990d0d9b6812ccc9c0e9a580
- SHA256
  
  20e7ce425c9bba91a6d811eaa1c22a6c5a12d714736e44037277657026295c46
- SHA512
  
  a90c21db2da6ced384f088cf2bf49165496a4091e86280a037d9896861ae57bfbbd810b05939df4412966b0e84d41062e3c6b833d18ceceb9d3735d507d40a7f
- SSDEEP
  
  1536:/FYSF3bc72R2WbtjZTovF/AvSw6RghJGwcZ:/Pg729btBovpvw6RaMwg
Score

7^/10

discovery
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral7 behavioral8

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

T1555

Credentials from Web Browsers

T1555.003

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Executes dropped EXE

Loads dropped DLL

Reads user/profile data of web browsers

Checks installed software on the system

Reads user/profile data of web browsers

Deletes itself

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8