17900fa640035d9c28fce788726e1941635a648f7eb671bf1e4e870c20662b18 | Triage

Sharing

General

Target

34ab44b6e38103593e27bd08a9e6c474_JaffaCakes118
Size

317KB
Sample

240710-pda4baxbmm
MD5

34ab44b6e38103593e27bd08a9e6c474
SHA1

0d729996f2c6e1da0da4a2ae1f53472942543c2c
SHA256

17900fa640035d9c28fce788726e1941635a648f7eb671bf1e4e870c20662b18
SHA512

983f730a575ae1f60e794a16b11983d8896cf8bf63a57b034566e97fae4a2d8f249a39bf5698f0b888546913d71586955eaf08850e4b98be9d9144db9581d13e
SSDEEP

6144:8WqPHmKCGf9ShyTDnR6fcHIf2knG0iWBp0InD8TskYyf:ZqPHmKCq9SwT7A0HIf2knRiWl4J

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  34ab44b6e38103593e27bd08a9e6c474_JaffaCakes118
- Size
  
  317KB
- MD5
  
  34ab44b6e38103593e27bd08a9e6c474
- SHA1
  
  0d729996f2c6e1da0da4a2ae1f53472942543c2c
- SHA256
  
  17900fa640035d9c28fce788726e1941635a648f7eb671bf1e4e870c20662b18
- SHA512
  
  983f730a575ae1f60e794a16b11983d8896cf8bf63a57b034566e97fae4a2d8f249a39bf5698f0b888546913d71586955eaf08850e4b98be9d9144db9581d13e
- SSDEEP
  
  6144:8WqPHmKCGf9ShyTDnR6fcHIf2knG0iWBp0InD8TskYyf:ZqPHmKCq9SwT7A0HIf2knRiWl4J
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer