e5ce184e81d04c7a1decfb78011c93b2e692751ff78a82ee0b9c38997128258b | Triage

Sharing

General

Target

43f73753d2cb7bc512153c2a0b004e77_JaffaCakes118
Size

614KB
Sample

241014-ywc53axgmk
MD5

43f73753d2cb7bc512153c2a0b004e77
SHA1

948eeed0f8e4280fc07a21fb38257a4d236af62f
SHA256

e5ce184e81d04c7a1decfb78011c93b2e692751ff78a82ee0b9c38997128258b
SHA512

64e27b25058b61e660ffc6afde772beae2af3cbc7c5ae92dd9168d0f38f45de437af4883ac10f4dad9402c0824a024ca365703b1441dae25ef038f2205ced873
SSDEEP

12288:1bENRCDG/Bd9frIipHSk+LPAqCLjx0k9dIleSrSuis3jk+n:1+gsd8QyLLPAqCV59dOXSz+

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  43f73753d2cb7bc512153c2a0b004e77_JaffaCakes118
- Size
  
  614KB
- MD5
  
  43f73753d2cb7bc512153c2a0b004e77
- SHA1
  
  948eeed0f8e4280fc07a21fb38257a4d236af62f
- SHA256
  
  e5ce184e81d04c7a1decfb78011c93b2e692751ff78a82ee0b9c38997128258b
- SHA512
  
  64e27b25058b61e660ffc6afde772beae2af3cbc7c5ae92dd9168d0f38f45de437af4883ac10f4dad9402c0824a024ca365703b1441dae25ef038f2205ced873
- SSDEEP
  
  12288:1bENRCDG/Bd9frIipHSk+LPAqCLjx0k9dIleSrSuis3jk+n:1+gsd8QyLLPAqCV59dOXSz+
Score

7^/10

discovery spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer