9371d4f137b3a7ea0ea83654828eb66192adf99c4a5fea4aeb92789e450d9831 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f711b6459f62b699e04b09110b05286_JaffaCakes118
Size

258KB
Sample

240709-h4ljeascpm
MD5

2f711b6459f62b699e04b09110b05286
SHA1

64cdf1ef477dff22c53d3843b6bd829e7d127758
SHA256

9371d4f137b3a7ea0ea83654828eb66192adf99c4a5fea4aeb92789e450d9831
SHA512

8ef42ad75b2ca968920bba22097c5ee9d3b142a7b8fd6b1090cfd1982619eaac3c4f36f389dc452ccf7e910b0caa1b1e0d39ab363b93af1824a2914fcb3a92e8
SSDEEP

6144:9QqmCtAbzwr4rtlz6a5A/eQDdpBHSwomwkeCj:iCtAAcwa5AeeftNjj

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  2f711b6459f62b699e04b09110b05286_JaffaCakes118
- Size
  
  258KB
- MD5
  
  2f711b6459f62b699e04b09110b05286
- SHA1
  
  64cdf1ef477dff22c53d3843b6bd829e7d127758
- SHA256
  
  9371d4f137b3a7ea0ea83654828eb66192adf99c4a5fea4aeb92789e450d9831
- SHA512
  
  8ef42ad75b2ca968920bba22097c5ee9d3b142a7b8fd6b1090cfd1982619eaac3c4f36f389dc452ccf7e910b0caa1b1e0d39ab363b93af1824a2914fcb3a92e8
- SSDEEP
  
  6144:9QqmCtAbzwr4rtlz6a5A/eQDdpBHSwomwkeCj:iCtAAcwa5AeeftNjj
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer