d96d7a605332733be0fcbbc69574d9018c10de1fbb429270f28899dff8430836 | Triage

Sharing

General

Target

166a8373323e862687504f95022337ba_JaffaCakes118
Size

128KB
Sample

240627-sanf1swfjd
MD5

166a8373323e862687504f95022337ba
SHA1

a9b3da14668d9015026227f14974af09ecf4cc4e
SHA256

d96d7a605332733be0fcbbc69574d9018c10de1fbb429270f28899dff8430836
SHA512

14659f5a27ffd2c3016b7a84a35b5fc1c76c1cd8720a424cec6646afe4d99b741da2437d0c9cceb3e0d4c01a9794d2a54cbed58ce08822e9780bde0a78efa7f0
SSDEEP

3072:EmeDmBqskJ8bX/v44oVHVA9VS6TpCyA5GFevgY8qlK:E8P/w4GHW9VS6TpCy8GFggUK

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  166a8373323e862687504f95022337ba_JaffaCakes118
- Size
  
  128KB
- MD5
  
  166a8373323e862687504f95022337ba
- SHA1
  
  a9b3da14668d9015026227f14974af09ecf4cc4e
- SHA256
  
  d96d7a605332733be0fcbbc69574d9018c10de1fbb429270f28899dff8430836
- SHA512
  
  14659f5a27ffd2c3016b7a84a35b5fc1c76c1cd8720a424cec6646afe4d99b741da2437d0c9cceb3e0d4c01a9794d2a54cbed58ce08822e9780bde0a78efa7f0
- SSDEEP
  
  3072:EmeDmBqskJ8bX/v44oVHVA9VS6TpCyA5GFevgY8qlK:E8P/w4GHW9VS6TpCy8GFggUK
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer