4fb708c8babd5f2cc8057efef225c63ff5b5e8eac84f16901e5c92129289aab4 | Triage

Sharing

General

Target

176bed80cd1808ab3cc906d344beb8c1_JaffaCakes118
Size

378KB
Sample

240627-zaz85syhpc
MD5

176bed80cd1808ab3cc906d344beb8c1
SHA1

13b630b0ff9c07af279e894810903c357f44060d
SHA256

4fb708c8babd5f2cc8057efef225c63ff5b5e8eac84f16901e5c92129289aab4
SHA512

bd83602f795f0a46e2cc991d78ca306dc50bc9fe56dd3cba8031655d2ed137f6b8af91d88af43adb4b731fd8e2ddd4fddb19b016f5bed88686f6330c6ca817ee
SSDEEP

6144:StE0VT6P9cSrJak1c659bBxBsbAh27CNvvjEvdnslHnPeK3iFlD4tCkhbv2s79ZO:StE04TrEk1c499x2b/+vvYvdnkHnPeK0

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  176bed80cd1808ab3cc906d344beb8c1_JaffaCakes118
- Size
  
  378KB
- MD5
  
  176bed80cd1808ab3cc906d344beb8c1
- SHA1
  
  13b630b0ff9c07af279e894810903c357f44060d
- SHA256
  
  4fb708c8babd5f2cc8057efef225c63ff5b5e8eac84f16901e5c92129289aab4
- SHA512
  
  bd83602f795f0a46e2cc991d78ca306dc50bc9fe56dd3cba8031655d2ed137f6b8af91d88af43adb4b731fd8e2ddd4fddb19b016f5bed88686f6330c6ca817ee
- SSDEEP
  
  6144:StE0VT6P9cSrJak1c659bBxBsbAh27CNvvjEvdnslHnPeK3iFlD4tCkhbv2s79ZO:StE04TrEk1c499x2b/+vvYvdnkHnPeK0
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer