3de6ee9d7287d72eb7c958bcfe8a6b30faf5b51813f9c7f50fadf55971cbfa32 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0150a39606c9af518c143af865c2caa2_JaffaCakes118
Size

356KB
Sample

240619-313czaxgnb
MD5

0150a39606c9af518c143af865c2caa2
SHA1

e07da86cd6a51cc1188eb90e0bb02ff9e9d388a0
SHA256

3de6ee9d7287d72eb7c958bcfe8a6b30faf5b51813f9c7f50fadf55971cbfa32
SHA512

4364730dfc3a144a99fb6024d813105c921e7044e0dcba1b4df34e2aa2876edc21587caf81804594b8a1cb28034ccc0c664c7aede082846181ffd5f66cb30b7c
SSDEEP

6144:pIcUX8ak3ev0hI966AGkAjOpoaY7XvPt96fc4n/FOrVP8Ke8mpx:+cUX8r3eUq6xGJOpq/31fef7

Score

7^/10

adware aspackv2 persistence stealer

Malware Config

Targets

- Target
  
  0150a39606c9af518c143af865c2caa2_JaffaCakes118
- Size
  
  356KB
- MD5
  
  0150a39606c9af518c143af865c2caa2
- SHA1
  
  e07da86cd6a51cc1188eb90e0bb02ff9e9d388a0
- SHA256
  
  3de6ee9d7287d72eb7c958bcfe8a6b30faf5b51813f9c7f50fadf55971cbfa32
- SHA512
  
  4364730dfc3a144a99fb6024d813105c921e7044e0dcba1b4df34e2aa2876edc21587caf81804594b8a1cb28034ccc0c664c7aede082846181ffd5f66cb30b7c
- SSDEEP
  
  6144:pIcUX8ak3ev0hI966AGkAjOpoaY7XvPt96fc4n/FOrVP8Ke8mpx:+cUX8r3eUq6xGJOpq/31fef7
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer