06ea2ab59dc7a18aae56a92166d39545e3e2c17646ce5f6c5db442ec5982fd68 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6134828d07d4260ebd93534b24ebda12_JaffaCakes118
Size

562KB
Sample

240520-2t359aac88
MD5

6134828d07d4260ebd93534b24ebda12
SHA1

d893901741309cc168acad3ed0bdd6a3fec0dc6d
SHA256

06ea2ab59dc7a18aae56a92166d39545e3e2c17646ce5f6c5db442ec5982fd68
SHA512

f00715896a9dbe07723285ff3af5970e3027ca5631b72a0c043b88777750f5b3b49eb0263a1cc718f3ed62b58f12d6a3ef209fc101a2c36c1bcced881cab86d5
SSDEEP

12288:8FBsfK9TzTyCgzSh+OGrqHGuX88AJfW0C:WBt9TzGLmh+f8eW5

Score

7^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  6134828d07d4260ebd93534b24ebda12_JaffaCakes118
- Size
  
  562KB
- MD5
  
  6134828d07d4260ebd93534b24ebda12
- SHA1
  
  d893901741309cc168acad3ed0bdd6a3fec0dc6d
- SHA256
  
  06ea2ab59dc7a18aae56a92166d39545e3e2c17646ce5f6c5db442ec5982fd68
- SHA512
  
  f00715896a9dbe07723285ff3af5970e3027ca5631b72a0c043b88777750f5b3b49eb0263a1cc718f3ed62b58f12d6a3ef209fc101a2c36c1bcced881cab86d5
- SSDEEP
  
  12288:8FBsfK9TzTyCgzSh+OGrqHGuX88AJfW0C:WBt9TzGLmh+f8eW5
Score

7^/10

adware persistence stealer
- Registers COM server for autorun
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer