17a0d0ce3d3b36b4e8870e77d48e8dd546ffc56d07c99f2c850d667fac7918d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14cf44f1710ae904ddd5eafa2c1bd9c0_JaffaCakes118
Size

52KB
Sample

240627-f1dchswhqk
MD5

14cf44f1710ae904ddd5eafa2c1bd9c0
SHA1

97ceb5cb3dc5933e2dc1f99f9e47f669d045e901
SHA256

17a0d0ce3d3b36b4e8870e77d48e8dd546ffc56d07c99f2c850d667fac7918d3
SHA512

5978f63bc172644d185e79e276b490104a35c7e80c65b773fcbfce192819088a3c35e4cf25232d0dfc7065fcbe335b2540a3e3c9d5d7ffeeda00c096fe8a45a7
SSDEEP

768:gbep4AmBvLNCJa96lQDEltEnCdnzZgAZFPpCaBZh6EX4YNivg2ONCewoejlsV9:xpzgN6zrltyMrLnZYeNivPATpejle

Score

8^/10

adware stealer

Malware Config

Targets

- Target
  
  14cf44f1710ae904ddd5eafa2c1bd9c0_JaffaCakes118
- Size
  
  52KB
- MD5
  
  14cf44f1710ae904ddd5eafa2c1bd9c0
- SHA1
  
  97ceb5cb3dc5933e2dc1f99f9e47f669d045e901
- SHA256
  
  17a0d0ce3d3b36b4e8870e77d48e8dd546ffc56d07c99f2c850d667fac7918d3
- SHA512
  
  5978f63bc172644d185e79e276b490104a35c7e80c65b773fcbfce192819088a3c35e4cf25232d0dfc7065fcbe335b2540a3e3c9d5d7ffeeda00c096fe8a45a7
- SSDEEP
  
  768:gbep4AmBvLNCJa96lQDEltEnCdnzZgAZFPpCaBZh6EX4YNivg2ONCewoejlsV9:xpzgN6zrltyMrLnZYeNivPATpejle
Score

8^/10

adware stealer
- Blocklisted process makes network request
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2