14401ee79845bbe55bf7d5d2d9123cf8fe8589dc4a535431c7bd524b50f042fd | Triage

Sharing

General

Target

JaffaCakes118_e2557269e66b36f7ed7fcf32e85b91dd
Size

1.6MB
Sample

250120-kxztka1rdq
MD5

e2557269e66b36f7ed7fcf32e85b91dd
SHA1

c682a00eb0e40e55064475d0f59d735e5561d45b
SHA256

14401ee79845bbe55bf7d5d2d9123cf8fe8589dc4a535431c7bd524b50f042fd
SHA512

5ea75cc0c40028948af5bfccc204711440ab7d667b276983bfdb784d78576f5a96f9a0a24606e9b4149afaefe2fe6d10eab9621c410c67787cf6ba6e23a92b26
SSDEEP

49152:pbfcx2eIzRet6PPwyo2MIvJtoiQKusITOJrc:pgx/My6vJ+gu5

Score

7^/10

discovery evasion spyware stealer trojan

Malware Config

Targets

- Target
  
  JaffaCakes118_e2557269e66b36f7ed7fcf32e85b91dd
- Size
  
  1.6MB
- MD5
  
  e2557269e66b36f7ed7fcf32e85b91dd
- SHA1
  
  c682a00eb0e40e55064475d0f59d735e5561d45b
- SHA256
  
  14401ee79845bbe55bf7d5d2d9123cf8fe8589dc4a535431c7bd524b50f042fd
- SHA512
  
  5ea75cc0c40028948af5bfccc204711440ab7d667b276983bfdb784d78576f5a96f9a0a24606e9b4149afaefe2fe6d10eab9621c410c67787cf6ba6e23a92b26
- SSDEEP
  
  49152:pbfcx2eIzRet6PPwyo2MIvJtoiQKusITOJrc:pgx/My6vJ+gu5
Score

7^/10

discovery evasion spyware stealer trojan
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionspywarestealertrojan

behavioral2

discoveryspywarestealer