7701ee216abdb8d4cb9ddb49ffea53cb1621aecbeb7228683293ba286053a57a | Triage

Sharing

General

Target

19b8daf07cf151533a4aed6fdf59bc0a_JaffaCakes118
Size

81KB
Sample

240628-l25faawemn
MD5

19b8daf07cf151533a4aed6fdf59bc0a
SHA1

afd690ce54613f2f2d7af633ffa5adda82dc1ad2
SHA256

7701ee216abdb8d4cb9ddb49ffea53cb1621aecbeb7228683293ba286053a57a
SHA512

580362a411c58a10c15714ff7f2b5557a6aafae8433ad9dda9eee288e626682e54dab77c4a8275e21e53a9523e6e87df2ced576aea422b993425b478fec991b0
SSDEEP

1536:nNb8K8lp/R8wDJoWzX7Kk2/GAfeWNnuhad2oRDacOhzp76J:nNb8K8lf8wyqKkZ8fRYhZA

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  19b8daf07cf151533a4aed6fdf59bc0a_JaffaCakes118
- Size
  
  81KB
- MD5
  
  19b8daf07cf151533a4aed6fdf59bc0a
- SHA1
  
  afd690ce54613f2f2d7af633ffa5adda82dc1ad2
- SHA256
  
  7701ee216abdb8d4cb9ddb49ffea53cb1621aecbeb7228683293ba286053a57a
- SHA512
  
  580362a411c58a10c15714ff7f2b5557a6aafae8433ad9dda9eee288e626682e54dab77c4a8275e21e53a9523e6e87df2ced576aea422b993425b478fec991b0
- SSDEEP
  
  1536:nNb8K8lp/R8wDJoWzX7Kk2/GAfeWNnuhad2oRDacOhzp76J:nNb8K8lf8wyqKkZ8fRYhZA
Score

7^/10

adware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2