ed27f6bb65dd54e6ad983ba70a20cf974f4331800a8a194df39746e5c2d019f3 | Triage

Sharing

General

Target

28a42a5bbf56a2fdbb8091234b21dbcc_JaffaCakes118
Size

52KB
Sample

240706-ss54sasenp
MD5

28a42a5bbf56a2fdbb8091234b21dbcc
SHA1

105806eb6fd44e99708849256d1784357ae77d9e
SHA256

ed27f6bb65dd54e6ad983ba70a20cf974f4331800a8a194df39746e5c2d019f3
SHA512

513d2c22917a9eb514e9424679b70c390d5f449b0d716fc8604fa8548e6bf6592850786d76793c5d28ba92c9a130d41f89786a1953ba9eb568c0789f361dac78
SSDEEP

768:mc6ImMw7NdPLeIsrkCQuvtb8dTPOp65jhMYWTB7ZhExh7mt9NipNTQ0iBRG4Y6Z:SlMYNlKIsgKYN99dWTpUTmLNipNWRbN

Score

8^/10

adware stealer

Malware Config

Targets

- Target
  
  28a42a5bbf56a2fdbb8091234b21dbcc_JaffaCakes118
- Size
  
  52KB
- MD5
  
  28a42a5bbf56a2fdbb8091234b21dbcc
- SHA1
  
  105806eb6fd44e99708849256d1784357ae77d9e
- SHA256
  
  ed27f6bb65dd54e6ad983ba70a20cf974f4331800a8a194df39746e5c2d019f3
- SHA512
  
  513d2c22917a9eb514e9424679b70c390d5f449b0d716fc8604fa8548e6bf6592850786d76793c5d28ba92c9a130d41f89786a1953ba9eb568c0789f361dac78
- SSDEEP
  
  768:mc6ImMw7NdPLeIsrkCQuvtb8dTPOp65jhMYWTB7ZhExh7mt9NipNTQ0iBRG4Y6Z:SlMYNlKIsgKYN99dWTpUTmLNipNWRbN
Score

8^/10

adware stealer
- Blocklisted process makes network request
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2