baca2b2da1184b641502ac7cf9df35de47ae643d87906112f2c33564aaa72d74 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2ce10717f2b6a6d6fbb04f27c8a59c8_JaffaCakes118
Size

60KB
Sample

240416-gc5brsaf43
MD5

f2ce10717f2b6a6d6fbb04f27c8a59c8
SHA1

a69407be9c20b314cc8f00d8ed6d3193a0b169b9
SHA256

baca2b2da1184b641502ac7cf9df35de47ae643d87906112f2c33564aaa72d74
SHA512

393e479a4ef607d7c85b8e947e5c6a5ef13426ba519fc2866566ddb6241134ffb94701f5d3f3aaf7eafba83abab00b74380e50d957e7fe893cd3069134d374fc
SSDEEP

768:k2nNduHxy8EDk5vHb6xKSOrQ6tQDVjJ44RwxpiB/Evf5o9lL4kbDPL5xa6Fd8xCT:kjRDWK3rPgb4xxo1Ee9t4k/PLHLqtjcJ

Score

10^/10

adware evasion stealer

Malware Config

Targets

- Target
  
  f2ce10717f2b6a6d6fbb04f27c8a59c8_JaffaCakes118
- Size
  
  60KB
- MD5
  
  f2ce10717f2b6a6d6fbb04f27c8a59c8
- SHA1
  
  a69407be9c20b314cc8f00d8ed6d3193a0b169b9
- SHA256
  
  baca2b2da1184b641502ac7cf9df35de47ae643d87906112f2c33564aaa72d74
- SHA512
  
  393e479a4ef607d7c85b8e947e5c6a5ef13426ba519fc2866566ddb6241134ffb94701f5d3f3aaf7eafba83abab00b74380e50d957e7fe893cd3069134d374fc
- SSDEEP
  
  768:k2nNduHxy8EDk5vHb6xKSOrQ6tQDVjJ44RwxpiB/Evf5o9lL4kbDPL5xa6Fd8xCT:kjRDWK3rPgb4xxo1Ee9t4k/PLHLqtjcJ
Score

10^/10

adware evasion stealer
- Modifies firewall policy service
  evasion
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwareevasionstealer

behavioral2

adwareevasionstealer