a7c728332b18e1a19ce5066ba295852631bf90bb06d001653287b55eb0fde0e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2aa53978d8f375cf76ad6a78b545ce37_JaffaCakes118
Size

496KB
Sample

240708-crwwqaxgnp
MD5

2aa53978d8f375cf76ad6a78b545ce37
SHA1

2867003010770dcd7ef644ab975eae59270f113c
SHA256

a7c728332b18e1a19ce5066ba295852631bf90bb06d001653287b55eb0fde0e1
SHA512

ea8f5806783d4af984f2ebfc41e967f28b8e971c7321c9e3819f85f6b68cd5efae5196d5508a14b657984723d1b8e71ba8c61cd82d2980a2ee39fea15df260c6
SSDEEP

12288:aOw1Um1BKRNg/I8nX5M28ulOh3jPdODHTS1yESaMF4+Vfj:3E/BKHMHX62VwrkzShKpf

Score

7^/10

adware evasion stealer

Malware Config

Targets

- Target
  
  2aa53978d8f375cf76ad6a78b545ce37_JaffaCakes118
- Size
  
  496KB
- MD5
  
  2aa53978d8f375cf76ad6a78b545ce37
- SHA1
  
  2867003010770dcd7ef644ab975eae59270f113c
- SHA256
  
  a7c728332b18e1a19ce5066ba295852631bf90bb06d001653287b55eb0fde0e1
- SHA512
  
  ea8f5806783d4af984f2ebfc41e967f28b8e971c7321c9e3819f85f6b68cd5efae5196d5508a14b657984723d1b8e71ba8c61cd82d2980a2ee39fea15df260c6
- SSDEEP
  
  12288:aOw1Um1BKRNg/I8nX5M28ulOh3jPdODHTS1yESaMF4+Vfj:3E/BKHMHX62VwrkzShKpf
Score

7^/10

adware evasion stealer
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwareevasionstealer

behavioral2

adwareevasionstealer