General

  • Target

    246d2c0cfc15558b38cb7d6b92296382_JaffaCakes118

  • Size

    3.4MB

  • Sample

    240704-dnnava1fjp

  • MD5

    246d2c0cfc15558b38cb7d6b92296382

  • SHA1

    b6cb4cff81d8ca5fb41cacf4aa95c1b4edd4eeec

  • SHA256

    36ac30050521c0f147cbafccd50b1a19412eea098f1660e1ea4eb05cd77312da

  • SHA512

    a287d4bdd03f8e53e0c6a6b5164f4607f9764db20dc475b0aeda27292472414a2ad6d69cfff1703d829b97a0f66623d8c6cf5845dacb0e67e656e31ecb28e37f

  • SSDEEP

    49152:/fs90uf3Mhua8Z57/SNf9ob29zsWCYYs/zKEKJhs/S/zeuUoKAMpCVmwZTe:A0uf3ZBZo5N+tdi0s/S/z6oKA0Csw

Targets

    • Target

      246d2c0cfc15558b38cb7d6b92296382_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
