796423297a599658e7f73279a451cc29a50f5ab0eeef9901f508c7aa8e553e1f | Triage

Sharing

General

Target

467a4fb220804b8e55e8a5607845aa01_JaffaCakes118
Size

204KB
Sample

240714-s8mmdaxajm
MD5

467a4fb220804b8e55e8a5607845aa01
SHA1

02b43611a22a86c79fdc26ebbee481e96fc86251
SHA256

796423297a599658e7f73279a451cc29a50f5ab0eeef9901f508c7aa8e553e1f
SHA512

97966a7b01b263bc9a6e8ae2eb0694ba6a3ed89fb1807db9ea1a903958efd3f821641f7c7fd0ffef989459563e66cd4c4a51ff77072a236d4bcf321ce20474e0
SSDEEP

3072:qSAXYRcakWwIzKLi9nYqXRuIjkz8Yg4eBlBsDS9E:wXYeuKL+YMR1yY4YE

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  467a4fb220804b8e55e8a5607845aa01_JaffaCakes118
- Size
  
  204KB
- MD5
  
  467a4fb220804b8e55e8a5607845aa01
- SHA1
  
  02b43611a22a86c79fdc26ebbee481e96fc86251
- SHA256
  
  796423297a599658e7f73279a451cc29a50f5ab0eeef9901f508c7aa8e553e1f
- SHA512
  
  97966a7b01b263bc9a6e8ae2eb0694ba6a3ed89fb1807db9ea1a903958efd3f821641f7c7fd0ffef989459563e66cd4c4a51ff77072a236d4bcf321ce20474e0
- SSDEEP
  
  3072:qSAXYRcakWwIzKLi9nYqXRuIjkz8Yg4eBlBsDS9E:wXYeuKL+YMR1yY4YE
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer