292e6fa8584cbeab2df9ddd4ba5327fc25010423d12896ede13a09bc6b2ca6f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5695b76d8c5da5cb7e1e96d751db4da0_JaffaCakes118
Size

1.1MB
Sample

241018-k3jpjaycla
MD5

5695b76d8c5da5cb7e1e96d751db4da0
SHA1

7d77603f3bc518eeafaa10ed47981f1f7a2cd5b5
SHA256

292e6fa8584cbeab2df9ddd4ba5327fc25010423d12896ede13a09bc6b2ca6f3
SHA512

91a728134722c579db8ae7b7806d0756947e732c5f450e0baccff6272861a5d933b730ae5c48c09fab145856c14020a576b4de7ef2c80b955c0908ffeb906203
SSDEEP

24576:vnZaEED47I60ftaBnyGl4JBzTFpuMNExPP2:hiD47L0FHJdTFEMNExP

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  5695b76d8c5da5cb7e1e96d751db4da0_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  5695b76d8c5da5cb7e1e96d751db4da0
- SHA1
  
  7d77603f3bc518eeafaa10ed47981f1f7a2cd5b5
- SHA256
  
  292e6fa8584cbeab2df9ddd4ba5327fc25010423d12896ede13a09bc6b2ca6f3
- SHA512
  
  91a728134722c579db8ae7b7806d0756947e732c5f450e0baccff6272861a5d933b730ae5c48c09fab145856c14020a576b4de7ef2c80b955c0908ffeb906203
- SSDEEP
  
  24576:vnZaEED47I60ftaBnyGl4JBzTFpuMNExPP2:hiD47L0FHJdTFEMNExP
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer