General

  • Target

    e8c0ac4f41997048b451b7263b1f4de9_JaffaCakes118

  • Size

    488KB

  • Sample

    240409-acz9gsfh37

  • MD5

    e8c0ac4f41997048b451b7263b1f4de9

  • SHA1

    19984235415b6db958d450caa8a556dd9434c504

  • SHA256

    3f95392ed9d07ff467e5f06128ebb162bb4b1ecae50f8181a405c261acfe377b

  • SHA512

    9125aa0db262d037f3249a66ec6ba8c61c09de6eeb07ad2d3f9c9165aeab094823ba1df7de0a03845c24ad66627afeee089bc408ceb57c9a46157a69913b13d4

  • SSDEEP

    6144:nY94N+FnpGo/guSj/4K1heFnaYAPswYGD65odZJ3WzGQxLMAF8hAAbOlYoEYioGH:Y9OCkxjheFl7DU65eZJpOObuEN

Malware Config

Targets

    • Target

      e8c0ac4f41997048b451b7263b1f4de9_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry (the user's region/locale settings), which is a common geofence: the sample can decide whether to run, or what to do, based on the victim's configured country. Sandbox runs with a different locale may therefore show different behaviour.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects and are loaded into each Internet Explorer process at start-up, giving the DLL code execution inside the browser. That makes a BHO both a persistence mechanism and a hook point for intercepting or modifying web traffic and page content.

    • Drops file in System32 directory
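
The signatures above describe host artifacts a responder can look for directly. The following PowerShell triage script is an added example and is not part of the sandbox report: it enumerates the Run keys, the registered Browser Helper Objects (resolving each CLSID to its DLL and checking the file's Authenticode status and SHA256), the user's region settings a geofence check would read, and recently written executables in System32. The registry paths are the documented Windows locations; the $SuspectHashes list (seeded with the report's SHA256) and the $LookbackDays window are assumptions for this example.

```powershell
# Added triage example (not from the sandbox report). Registry paths are the
# standard Windows locations; $SuspectHashes and $LookbackDays are assumptions.

$SuspectHashes = @(
    '3f95392ed9d07ff467e5f06128ebb162bb4b1ecae50f8181a405c261acfe377b'  # SHA256 from the report
)
$LookbackDays = 7   # assumed window for "recently written" files

function Get-RunKeyEntries {
    # "Adds Run key to start application": every value under these keys is a
    # command line launched at logon for that hive's scope (machine or user).
    $runKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $props = Get-ItemProperty -Path $key
        foreach ($p in $props.PSObject.Properties) {
            if ($p.Name -like 'PS*') { continue }   # skip PSPath/PSParentPath metadata
            [pscustomobject]@{ Key = $key; Name = $p.Name; Command = $p.Value }
        }
    }
}

function Get-BhoEntries {
    # "Installs/modifies Browser Helper Object": a BHO is registered as a CLSID
    # subkey under Browser Helper Objects; the DLL path is the default value of
    # the CLSID's InprocServer32 key. IE loads every DLL listed here.
    $bhoKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
    )
    $clsidRoots = @(
        'HKLM:\SOFTWARE\Classes\CLSID',
        'HKLM:\SOFTWARE\WOW6432Node\Classes\CLSID',
        'HKCU:\SOFTWARE\Classes\CLSID'
    )
    foreach ($key in $bhoKeys) {
        if (-not (Test-Path $key)) { continue }
        foreach ($sub in Get-ChildItem -Path $key) {
            $clsid = $sub.PSChildName
            $dll = $null
            foreach ($root in $clsidRoots) {
                $inproc = Join-Path $root "$clsid\InprocServer32"
                if (Test-Path $inproc) {
                    $dll = (Get-ItemProperty -Path $inproc).'(default)'
                    break
                }
            }
            $path = if ($dll) { [Environment]::ExpandEnvironmentVariables($dll) } else { $null }
            $exists = $path -and (Test-Path -LiteralPath $path)
            $sig  = if ($exists) { (Get-AuthenticodeSignature -FilePath $path).Status } else { 'missing' }
            $hash = if ($exists) { (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash.ToLower() } else { $null }
            [pscustomobject]@{
                Key = $key; CLSID = $clsid; Dll = $path
                Signature = $sig; KnownBad = ($hash -in $SuspectHashes)
            }
        }
    }
}

function Get-GeoSettings {
    # "Checks computer location settings": the user's region is stored as a
    # numeric GeoID (Nation) plus locale/country names. A geofenced sample reads
    # these before deciding to run, so record them when reproducing in a sandbox.
    $geo  = Get-ItemProperty -Path 'HKCU:\Control Panel\International\Geo' -ErrorAction SilentlyContinue
    $intl = Get-ItemProperty -Path 'HKCU:\Control Panel\International' -ErrorAction SilentlyContinue
    [pscustomobject]@{
        GeoID = $geo.Nation; GeoName = $geo.Name
        LocaleName = $intl.LocaleName; Country = $intl.sCountry
    }
}

function Get-RecentSystem32Files {
    # "Drops file in System32 directory": PE files written inside the lookback
    # window, with their Authenticode status, are the first candidates to pull.
    $since = (Get-Date).AddDays(-$LookbackDays)
    Get-ChildItem -Path "$env:SystemRoot\System32\*" -Include *.exe, *.dll -File -ErrorAction SilentlyContinue |
        Where-Object { $_.LastWriteTime -gt $since } |
        ForEach-Object {
            [pscustomobject]@{
                Path = $_.FullName; Written = $_.LastWriteTime
                Signature = (Get-AuthenticodeSignature -FilePath $_.FullName).Status
            }
        }
}

Get-GeoSettings          | Format-List
Get-RunKeyEntries        | Format-Table -AutoSize
Get-BhoEntries           | Format-Table -AutoSize
Get-RecentSystem32Files  | Format-Table -AutoSize
```

Run it from an elevated prompt so the HKLM and System32 reads are not truncated by access errors. A BHO whose DLL is unsigned, missing, or matches a hash from the report, and any Run key pointing at a freshly written file, are the entries to pivot on; the Geo settings are there so a reproduction sandbox can be configured to match (or deliberately mismatch) the locale the sample checks.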

MITRE ATT&CK Enterprise v15

Tasks