General

  • Target

    1c962828686e49d3753a8d2225c8c96c_JaffaCakes118

  • Size

    298KB

  • Sample

    240701-1g1nxs1ele

  • MD5

    1c962828686e49d3753a8d2225c8c96c

  • SHA1

    428fc37f83cfdc1ea1f8604a34b1f34ada459b92

  • SHA256

    18cdbb1e8574c17974a70cadd460f0d63d5c00c40ca1934d406a7b3389775c76

  • SHA512

    7ce064b905b1695e8281682c805c595d33fb316160e044889c3c54e4780f6299bff6bfb2b22136df38c997f0b87ec59b9452aa8fa16a0bd321e4c7b27fa16d5e

  • SSDEEP

    6144:yY94NGthp5tx7mUV0yz8VuqNT6gRdYODSlyh33+Fh1jJ2nI:x9OGtjR048Te4dn7E4I
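Before detonating or reversing a copy of this sample, confirm that the file you obtained is the one the report describes. The script below is an added example and not part of the sandbox report: it streams a file through MD5, SHA-1, SHA-256 and SHA-512 in chunks (so large samples never load whole), adds an ssdeep fuzzy hash when the optional `ssdeep` module is installed, and lists which of the report's values disagree. The REPORT_HASHES values are copied from the General section above; everything else (function names, the chunked reader) is this example's own.

```python
"""Check a sample on disk against the hashes in the report above (added example)."""
import hashlib
import sys
from typing import Dict, Iterator, Tuple, Union

# Values copied from the report's General section.
REPORT_HASHES = {
    "md5": "1c962828686e49d3753a8d2225c8c96c",
    "sha1": "428fc37f83cfdc1ea1f8604a34b1f34ada459b92",
    "sha256": "18cdbb1e8574c17974a70cadd460f0d63d5c00c40ca1934d406a7b3389775c76",
    "sha512": "7ce064b905b1695e8281682c805c595d33fb316160e044889c3c54e4780f6299"
              "bff6bfb2b22136df38c997f0b87ec59b9452aa8fa16a0bd321e4c7b27fa16d5e",
    "ssdeep": "6144:yY94NGthp5tx7mUV0yz8VuqNT6gRdYODSlyh33+Fh1jJ2nI:x9OGtjR048Te4dn7E4I",
}

Sample = Union[bytes, str]  # raw bytes (handy for tests) or a path on disk


def _chunks(sample: Sample, size: int) -> Iterator[bytes]:
    """Stream the sample in fixed-size chunks so large files never load whole."""
    if isinstance(sample, bytes):
        for i in range(0, len(sample), size):
            yield sample[i:i + size]
        return
    with open(sample, "rb") as fh:
        while chunk := fh.read(size):
            yield chunk


def compute_hashes(sample: Sample, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Return the cryptographic digests, plus ssdeep when the module is installed."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256", "sha512")}
    for chunk in _chunks(sample, chunk_size):
        for h in hashers.values():
            h.update(chunk)
    digests = {name: h.hexdigest() for name, h in hashers.items()}
    try:
        import ssdeep  # optional dependency (pip install ssdeep)
        digests["ssdeep"] = (ssdeep.hash(sample) if isinstance(sample, bytes)
                             else ssdeep.hash_from_file(sample))
    except ImportError:
        pass  # fuzzy hash simply omitted; the exact digests are still compared
    return digests


def compare_with_report(computed: Dict[str, str], report: Dict[str, str]) -> Dict[str, Tuple[str, str]]:
    """Map each algorithm present in both dicts to (expected, actual) where the values differ."""
    mismatches = {}
    for algo, expected in report.items():
        actual = computed.get(algo)
        if actual is None:
            continue
        # Hex digests are case-insensitive; ssdeep strings are base64 and are not.
        same = actual == expected if algo == "ssdeep" else actual.lower() == expected.lower()
        if not same:
            mismatches[algo] = (expected, actual)
    return mismatches


if __name__ == "__main__":
    bad = compare_with_report(compute_hashes(sys.argv[1]), REPORT_HASHES)
    for algo, (expected, actual) in bad.items():
        print(f"{algo}: report {expected} != file {actual}")
    sys.exit(1 if bad else 0)
```

Pivot on the SHA-256 when sharing or searching for the sample; MD5 and SHA-1 are kept only for cross-referencing older sources. An exact ssdeep match is expected only for a byte-identical file; for a repacked or slightly modified variant use `ssdeep.compare()` on the two strings to get a similarity score instead.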

Malware Config

Targets

    • Target

      1c962828686e49d3753a8d2225c8c96c_JaffaCakes118

    • Size

      298KB

    • MD5

      1c962828686e49d3753a8d2225c8c96c

    • SHA1

      428fc37f83cfdc1ea1f8604a34b1f34ada459b92

    • SHA256

      18cdbb1e8574c17974a70cadd460f0d63d5c00c40ca1934d406a7b3389775c76

    • SHA512

      7ce064b905b1695e8281682c805c595d33fb316160e044889c3c54e4780f6299bff6bfb2b22136df38c997f0b87ec59b9452aa8fa16a0bd321e4c7b27fa16d5e

    • SSDEEP

      6144:yY94NGthp5tx7mUV0yz8VuqNT6gRdYODSlyh33+Fh1jJ2nI:x9OGtjR048Te4dn7E4I

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check: malware commonly reads the configured locale or GeoID and exits when it finds a region it wants to avoid.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      A value under HKCU or HKLM\Software\Microsoft\Windows\CurrentVersion\Run is executed at every user logon, a common persistence mechanism.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects and loaded into every Internet Explorer process, so an installed BHO both persists and can observe or alter browsing.

    • Drops file in System32 directory
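The signatures above are behavioural, so the same checks can be reproduced against an API or registry trace from any sandbox. The following Python is an added example, not part of this report and not the sandbox's own detection logic: it runs three rules corresponding to the Run key, Browser Helper Object and location-check signatures over a constructed registry-operation trace (the paths, CLSID and file names in TRACE are illustrative, not values observed in this sample), and resolves a BHO CLSID to the DLL its InprocServer32 entry names, which is how a BHO registration is tied to a dropped DLL. The registry value names used for the location check (Nation, Name, sCountry, iCountry under Control Panel\International) are assumed from how Windows stores locale and GeoID settings.

```python
"""Re-derive the report's registry-based signatures from an API trace (added example)."""
import re
from typing import Dict, List

# Constructed trace in the shape a sandbox API monitor emits: one dict per registry call.
# The paths, CLSID and file names are illustrative, not values observed in this sample.
TRACE = [
    {"api": "RegQueryValueExW", "key": r"HKCU\Control Panel\International\Geo", "value": "Nation"},
    {"api": "RegSetValueExW", "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
     "value": "Updater", "data": r"C:\Users\Public\updater.exe"},
    {"api": "RegSetValueExW", "key": r"HKCR\CLSID\{11111111-2222-3333-4444-555555555555}\InprocServer32",
     "value": "", "data": r"C:\Windows\System32\helper.dll"},
    {"api": "RegCreateKeyExW",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
            r"\{11111111-2222-3333-4444-555555555555}"},
    {"api": "RegQueryValueExW", "key": r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion",
     "value": "ProductName"},
]

GUID = r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"
WRITE_APIS = {"RegSetValueExA", "RegSetValueExW", "NtSetValueKey"}
CREATE_APIS = WRITE_APIS | {"RegCreateKeyExA", "RegCreateKeyExW", "NtCreateKey"}
READ_APIS = {"RegQueryValueExA", "RegQueryValueExW", "NtQueryValueKey"}

# (signature name, APIs that count, key pattern, value names that count or None for any)
RULES = [
    ("Adds Run key to start application", WRITE_APIS,
     re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?$", re.I), None),
    ("Installs/modifies Browser Helper Object", CREATE_APIS,
     re.compile(r"\\Software\\(Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Explorer"
                r"\\Browser Helper Objects\\" + GUID + "$", re.I), None),
    ("Checks computer location settings", READ_APIS,
     re.compile(r"\\Control Panel\\International(\\Geo)?$", re.I),
     {"Nation", "Name", "sCountry", "iCountry"}),  # assumed value names for the locale/GeoID lookup
]
INPROC = re.compile(r"\\CLSID\\(" + GUID + r")\\InprocServer32$", re.I)


def match_signatures(trace: List[dict]) -> Dict[str, List[dict]]:
    """Return {signature name: [matching events]} for every rule that fires at least once."""
    hits: Dict[str, List[dict]] = {}
    for ev in trace:
        for name, apis, key_re, values in RULES:
            if ev.get("api") not in apis or not key_re.search(ev.get("key", "")):
                continue
            if values is not None and ev.get("value") not in values:
                continue
            hits.setdefault(name, []).append(ev)
    return hits


def bho_dlls(trace: List[dict]) -> List[str]:
    """For each BHO registration, resolve its CLSID to the DLL named by its InprocServer32 default value."""
    servers: Dict[str, str] = {}
    for ev in trace:
        m = INPROC.search(ev.get("key", ""))
        if m and ev.get("api") in WRITE_APIS and ev.get("value", "") in ("", "(Default)"):
            servers[m.group(1).lower()] = ev.get("data", "")
    dlls = []
    for ev in match_signatures(trace).get("Installs/modifies Browser Helper Object", []):
        clsid = re.search(GUID, ev["key"]).group(0).lower()
        dlls.append(servers.get(clsid, "<InprocServer32 not seen in trace>"))
    return dlls


if __name__ == "__main__":
    for name, events in match_signatures(TRACE).items():
        print(f"{name}: {len(events)} event(s)")
    print("BHO DLL(s):", bho_dlls(TRACE))
```

Only write APIs count for the Run key and BHO rules, so a program that merely enumerates Run entries (common in legitimate software and in security tools) does not trip them, while the location rule deliberately fires on reads, because the read itself is the behaviour of interest.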

MITRE ATT&CK Enterprise v15

Tasks