Overview

overview

7

Static

static

3

f31a61acb3...18.exe

windows7-x64

7

f31a61acb3...18.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    f31a61acb3e60d23afe4af075c1179d6_JaffaCakes118

  • Size

    76KB

  • Sample

    240416-kg2cfsde47

  • MD5

    f31a61acb3e60d23afe4af075c1179d6

  • SHA1

    d8a16f33c7e55b8a0f5eda470ca269ebebdc3ae5

  • SHA256

    9b4dbb1a629f55e61a486a9ba56e8415bb8d6e746a127c11d0de6dd692351dbf

  • SHA512

    14984195853bae39222c4714a3ad6b40e0bc1c889eefea136830bed6d7959aff76f0b8b904a65116a16ba832127ffaaf337e5c5879ad772d2c77c032f478e550

  • SSDEEP

    1536:AriYVA1iPsQVZ+hXtmS0hv/JLt4UYe4eWkB/:4RVZ+hXtKhvBR4UYe7t/

Score
7/10
adwarestealer

Malware Config

Targets

    • Target

      f31a61acb3e60d23afe4af075c1179d6_JaffaCakes118

    • Size

      76KB

    • MD5

      f31a61acb3e60d23afe4af075c1179d6

    • SHA1

      d8a16f33c7e55b8a0f5eda470ca269ebebdc3ae5

    • SHA256

      9b4dbb1a629f55e61a486a9ba56e8415bb8d6e746a127c11d0de6dd692351dbf

    • SHA512

      14984195853bae39222c4714a3ad6b40e0bc1c889eefea136830bed6d7959aff76f0b8b904a65116a16ba832127ffaaf337e5c5879ad772d2c77c032f478e550

    • SSDEEP

      1536:AriYVA1iPsQVZ+hXtmS0hv/JLt4UYe4eWkB/:4RVZ+hXtKhvBR4UYe7t/

    Score
    7/10
    adwarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks