General

  • Target

    2350b85ec55235943c3b4354223d5d4e_JaffaCakes118

  • Size

    294KB

  • Sample

    240703-wywdba1hmm

  • MD5

    2350b85ec55235943c3b4354223d5d4e

  • SHA1

    cab61b5700c61a556e0f670310eb8ad05f91c6ae

  • SHA256

    4e6ff850c052913606c0bc0bcd16e5fb50370a74e726b7eb05258d7f0fea4559

  • SHA512

    3b13428ffb1afbff5e53498dc249a4cd9870d8570bd54af3bc07df7f3b951059f3d4f4e8bfa825b3cb0f3488414e3c3a0f24c75be79880d34ca9f2a76e7128f2

  • SSDEEP

    6144:qY94NMjbsCCRh6j6HDwPVSfC+VYQW3ec6yrbdn:59OU4CC36GHjaOPW3etyF

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plug-ins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks