1387c92114cf60a3186365b491341b1a392e31bd15759afbf6da74cdf0cb9e8a | Triage

Sharing

General

Target

01db41f67e23ca6edac6947539c1af71_JaffaCakes118
Size

517KB
Sample

240426-2x47qadh27
MD5

01db41f67e23ca6edac6947539c1af71
SHA1

854e66e00b36ac604400be047d1ae9cb2989bc48
SHA256

1387c92114cf60a3186365b491341b1a392e31bd15759afbf6da74cdf0cb9e8a
SHA512

8cb412729e986029bd8b9619fe1c393f872b7dfcd245edd2af0796d45288f96bd5167ff217e8266a30a59e7f0df476be0d54baa25b91ec86be02790f2f196f1f
SSDEEP

12288:lxTM1L/Zs37dJVau2e2XudUiXzxpz126aI/4LvAkJi59:lx1qXUzk6aIgLNJi59

Score

7^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  01db41f67e23ca6edac6947539c1af71_JaffaCakes118
- Size
  
  517KB
- MD5
  
  01db41f67e23ca6edac6947539c1af71
- SHA1
  
  854e66e00b36ac604400be047d1ae9cb2989bc48
- SHA256
  
  1387c92114cf60a3186365b491341b1a392e31bd15759afbf6da74cdf0cb9e8a
- SHA512
  
  8cb412729e986029bd8b9619fe1c393f872b7dfcd245edd2af0796d45288f96bd5167ff217e8266a30a59e7f0df476be0d54baa25b91ec86be02790f2f196f1f
- SSDEEP
  
  12288:lxTM1L/Zs37dJVau2e2XudUiXzxpz126aI/4LvAkJi59:lx1qXUzk6aIgLNJi59
Score

7^/10

adware persistence stealer
- Registers COM server for autorun
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer