abd423804aeb5b3f1ac89637f470917faec66a81aa6a54ae387dca5da3172b41 | Triage

Sharing

General

Target

b4eb146b23a71e5c125eaec2a26ba04e_JaffaCakes118
Size

1.1MB
Sample

241130-fsc2satpbs
MD5

b4eb146b23a71e5c125eaec2a26ba04e
SHA1

9014d7c0a1cdff741cae798e2547077e3414ef5d
SHA256

abd423804aeb5b3f1ac89637f470917faec66a81aa6a54ae387dca5da3172b41
SHA512

0e3f095cde8078f555c190bbcd30db076963ed67b064c52f1d93eaca7f93dbb172679bc4b3bde25a25191a4f5b1c153fa7464041855a6da6a5b1bd054883d6c9
SSDEEP

24576:WtFLNV+/+iQdy9W3cs9jwv1RuXlCCT0Ulk2m6JuHMfMoh:GLCW3c0j2mkCTfle6JuHMfM

Score

7^/10

discovery spyware stealer

Malware Config

Targets

- Target
  
  b4eb146b23a71e5c125eaec2a26ba04e_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  b4eb146b23a71e5c125eaec2a26ba04e
- SHA1
  
  9014d7c0a1cdff741cae798e2547077e3414ef5d
- SHA256
  
  abd423804aeb5b3f1ac89637f470917faec66a81aa6a54ae387dca5da3172b41
- SHA512
  
  0e3f095cde8078f555c190bbcd30db076963ed67b064c52f1d93eaca7f93dbb172679bc4b3bde25a25191a4f5b1c153fa7464041855a6da6a5b1bd054883d6c9
- SSDEEP
  
  24576:WtFLNV+/+iQdy9W3cs9jwv1RuXlCCT0Ulk2m6JuHMfMoh:GLCW3c0j2mkCTfle6JuHMfM
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer