126924925e54d61732a717f991fdc3a4bf95302daf2bc655bac690171433b361 | Triage

Sharing

General

Target

43b5c29fdbfb9b5ac4410156bbd479a0_JaffaCakes118
Size

377KB
Sample

240713-3lt32s1cml
MD5

43b5c29fdbfb9b5ac4410156bbd479a0
SHA1

e79745874ce4421d1dc24014259233eeba729d3d
SHA256

126924925e54d61732a717f991fdc3a4bf95302daf2bc655bac690171433b361
SHA512

321b93b4a06cae99753f3c2b141a4011620c3e9badb32516648f15abaf12edbb357359a9b24a3d3097523ab14a51f243b396fed08e039d8e5e089a0ffbe7b4c3
SSDEEP

6144:9NnAmlF1KfuNlnGzQtiyfLg/n3Fa5XADH8B4AJxDmP63p+u48u7t+pYZ:9NnAS7vlnG8tiyDiVa5XGG4AJxDmP63Q

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  43b5c29fdbfb9b5ac4410156bbd479a0_JaffaCakes118
- Size
  
  377KB
- MD5
  
  43b5c29fdbfb9b5ac4410156bbd479a0
- SHA1
  
  e79745874ce4421d1dc24014259233eeba729d3d
- SHA256
  
  126924925e54d61732a717f991fdc3a4bf95302daf2bc655bac690171433b361
- SHA512
  
  321b93b4a06cae99753f3c2b141a4011620c3e9badb32516648f15abaf12edbb357359a9b24a3d3097523ab14a51f243b396fed08e039d8e5e089a0ffbe7b4c3
- SSDEEP
  
  6144:9NnAmlF1KfuNlnGzQtiyfLg/n3Fa5XADH8B4AJxDmP63p+u48u7t+pYZ:9NnAS7vlnG8tiyDiVa5XGG4AJxDmP63Q
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer