3228cceff076a8700528c77fb39e0232563bac1e56b9a3653364d277df13177d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b2d8128b4d950087581cdad4677ebfd_JaffaCakes118
Size

558KB
Sample

240711-3n9arazbkk
MD5

3b2d8128b4d950087581cdad4677ebfd
SHA1

bdee3e27f33231a3b2a1e205948020f96ba87a4c
SHA256

3228cceff076a8700528c77fb39e0232563bac1e56b9a3653364d277df13177d
SHA512

f9cd08735bbbedee165eb0be38d9cb4dfbdb7e9bdf7fa2a9066df30fc7c11cd6a9e148aadd3ae6ab6b8eda6e9e934c0611d35eec75e3bbfb33d2c68ac43c7c09
SSDEEP

12288:due/9in8Psa7rN90UNZsTjExD/H+S5BJMggq4q/77eY:dQn8PsaH0WZs3Y+SDxjd1

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  3b2d8128b4d950087581cdad4677ebfd_JaffaCakes118
- Size
  
  558KB
- MD5
  
  3b2d8128b4d950087581cdad4677ebfd
- SHA1
  
  bdee3e27f33231a3b2a1e205948020f96ba87a4c
- SHA256
  
  3228cceff076a8700528c77fb39e0232563bac1e56b9a3653364d277df13177d
- SHA512
  
  f9cd08735bbbedee165eb0be38d9cb4dfbdb7e9bdf7fa2a9066df30fc7c11cd6a9e148aadd3ae6ab6b8eda6e9e934c0611d35eec75e3bbfb33d2c68ac43c7c09
- SSDEEP
  
  12288:due/9in8Psa7rN90UNZsTjExD/H+S5BJMggq4q/77eY:dQn8PsaH0WZs3Y+SDxjd1
Score

7^/10

adware stealer
- Executes dropped EXE
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2