02deff7c202b84828912c0a6f032b82848a191d99e0c4dff51b64d58f8db1c20 | Triage

Sharing

General

Target

2ac7afda29681fb3d98125debeae013a_JaffaCakes118
Size

124KB
Sample

240708-dn3erssalf
MD5

2ac7afda29681fb3d98125debeae013a
SHA1

68c6b631549ce532f68a637cbc7ba30c3460c7fb
SHA256

02deff7c202b84828912c0a6f032b82848a191d99e0c4dff51b64d58f8db1c20
SHA512

6f1a8bff6191f2f94e19f4525f45a164854a5411a35a3426f1ed30d059c43ed339d44bf5e48270a981be7ecd8bcfe9ff2632a7e0b9f5766afbb905255848cdcf
SSDEEP

3072:KWaxTbje7QUBKbD73achvGbT+7mPM7o3mdu70:K7u8lH73tvgHPMG7

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  2ac7afda29681fb3d98125debeae013a_JaffaCakes118
- Size
  
  124KB
- MD5
  
  2ac7afda29681fb3d98125debeae013a
- SHA1
  
  68c6b631549ce532f68a637cbc7ba30c3460c7fb
- SHA256
  
  02deff7c202b84828912c0a6f032b82848a191d99e0c4dff51b64d58f8db1c20
- SHA512
  
  6f1a8bff6191f2f94e19f4525f45a164854a5411a35a3426f1ed30d059c43ed339d44bf5e48270a981be7ecd8bcfe9ff2632a7e0b9f5766afbb905255848cdcf
- SSDEEP
  
  3072:KWaxTbje7QUBKbD73achvGbT+7mPM7o3mdu70:K7u8lH73tvgHPMG7
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer