bfe572aa235ac45e9f0f8b0b39a7f9112f67fa44aa17232770d2ba287c892faa | Triage

Sharing

General

Target

3310fd4ca524849b855b6bf096326a87_JaffaCakes118
Size

174KB
Sample

240710-dj7tpavdka
MD5

3310fd4ca524849b855b6bf096326a87
SHA1

64f999f4866b6fa8582a296cd8f9f8c972e6dedf
SHA256

bfe572aa235ac45e9f0f8b0b39a7f9112f67fa44aa17232770d2ba287c892faa
SHA512

4a0f55753ff6674244f679bd6eb0071902e4e6c107a8ad47128fe87329d803e4fd9b0512631be0bc628acde2cfbc355db251b3c01855516ef73ab4d1ab34fc1f
SSDEEP

3072:jqVDpPLfCYkVAokpe6ndlLrwUjk8YxsJ6ibGs8ySak50YjO8:4tP3kV4/dhrk1sAisa1KO8

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  3310fd4ca524849b855b6bf096326a87_JaffaCakes118
- Size
  
  174KB
- MD5
  
  3310fd4ca524849b855b6bf096326a87
- SHA1
  
  64f999f4866b6fa8582a296cd8f9f8c972e6dedf
- SHA256
  
  bfe572aa235ac45e9f0f8b0b39a7f9112f67fa44aa17232770d2ba287c892faa
- SHA512
  
  4a0f55753ff6674244f679bd6eb0071902e4e6c107a8ad47128fe87329d803e4fd9b0512631be0bc628acde2cfbc355db251b3c01855516ef73ab4d1ab34fc1f
- SSDEEP
  
  3072:jqVDpPLfCYkVAokpe6ndlLrwUjk8YxsJ6ibGs8ySak50YjO8:4tP3kV4/dhrk1sAisa1KO8
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer