d2b4a568593b6f6e2d9da29875abe3e4eaf31ee7f92145d7bd482b8da27c8c24 | Triage

Sharing

General

Target

ea96d4a1902343c7219441cd600e3a30_JaffaCakes118
Size

154KB
Sample

240410-jn7blsbg5z
MD5

ea96d4a1902343c7219441cd600e3a30
SHA1

fe48d0be0a1515f45aacdbd8219577ae2d7f91a7
SHA256

d2b4a568593b6f6e2d9da29875abe3e4eaf31ee7f92145d7bd482b8da27c8c24
SHA512

f15225e940ebf3bae4d0be0e68acc3f921687a547a5f39b33c035022d3e75a691683e9f165b0b340d2d22dd9b10fad737829837d350bad7d11c9d30d4d140d9e
SSDEEP

3072:0DbFh+qEsbB62Sy2903cJtxrxpAdfZbJyUj5ko:0DhcqEsHSyeNJXrxG5j2o

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  ea96d4a1902343c7219441cd600e3a30_JaffaCakes118
- Size
  
  154KB
- MD5
  
  ea96d4a1902343c7219441cd600e3a30
- SHA1
  
  fe48d0be0a1515f45aacdbd8219577ae2d7f91a7
- SHA256
  
  d2b4a568593b6f6e2d9da29875abe3e4eaf31ee7f92145d7bd482b8da27c8c24
- SHA512
  
  f15225e940ebf3bae4d0be0e68acc3f921687a547a5f39b33c035022d3e75a691683e9f165b0b340d2d22dd9b10fad737829837d350bad7d11c9d30d4d140d9e
- SSDEEP
  
  3072:0DbFh+qEsbB62Sy2903cJtxrxpAdfZbJyUj5ko:0DhcqEsHSyeNJXrxG5j2o
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer