cc20af452f633b393c01229ef072cd51d91cf81c46b94e3b932155ca6e7e0d05 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e91b6d9bd604024d1b63149957f873ee_JaffaCakes118
Size

52KB
Sample

240409-dz674adb37
MD5

e91b6d9bd604024d1b63149957f873ee
SHA1

b09928af94aedee4edf32f6afc427c7e7ff88841
SHA256

cc20af452f633b393c01229ef072cd51d91cf81c46b94e3b932155ca6e7e0d05
SHA512

184c593a0426b73e45d963e1ea8670e6ae32cc99c60e15c9404530864edd5bf7589a30ba84037f20b4fd7b3308a4448a13bb3b389a90c5e267ffea8138a3faaa
SSDEEP

768:c5wt59uxWdYpQ38YIFwOXQg5J2HMD/ihzRDtT9UxrcTWArP:FtqDX5gH4OJT4ATzP

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  e91b6d9bd604024d1b63149957f873ee_JaffaCakes118
- Size
  
  52KB
- MD5
  
  e91b6d9bd604024d1b63149957f873ee
- SHA1
  
  b09928af94aedee4edf32f6afc427c7e7ff88841
- SHA256
  
  cc20af452f633b393c01229ef072cd51d91cf81c46b94e3b932155ca6e7e0d05
- SHA512
  
  184c593a0426b73e45d963e1ea8670e6ae32cc99c60e15c9404530864edd5bf7589a30ba84037f20b4fd7b3308a4448a13bb3b389a90c5e267ffea8138a3faaa
- SSDEEP
  
  768:c5wt59uxWdYpQ38YIFwOXQg5J2HMD/ihzRDtT9UxrcTWArP:FtqDX5gH4OJT4ATzP
Score

7^/10

adware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2