1f3dd726a93aa0dd54d34b00d5748dd5114d6f324746ddb518e6f32452bb6fe1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48e11ce8477de5bbc4575c83a67c14bb_JaffaCakes118
Size

76KB
Sample

240715-jqxj7ayeph
MD5

48e11ce8477de5bbc4575c83a67c14bb
SHA1

801112ca8f586975b5504ca48c4078b2402159b9
SHA256

1f3dd726a93aa0dd54d34b00d5748dd5114d6f324746ddb518e6f32452bb6fe1
SHA512

97ac7de13efd28aeebb402466695e61e7fa6a6c0b6df0909bdf9adae8812d8f8ead019e57597891c10557c32d218ee0fe62031df43364997d26c8f474715f4b8
SSDEEP

1536:WmyOm+aE1y9iJmN8KN3bSqZP6UQUC148vjPqIN:x8Nxpbr6A8vLd

Score

7^/10

adware persistence stealer upx

Malware Config

Targets

- Target
  
  48e11ce8477de5bbc4575c83a67c14bb_JaffaCakes118
- Size
  
  76KB
- MD5
  
  48e11ce8477de5bbc4575c83a67c14bb
- SHA1
  
  801112ca8f586975b5504ca48c4078b2402159b9
- SHA256
  
  1f3dd726a93aa0dd54d34b00d5748dd5114d6f324746ddb518e6f32452bb6fe1
- SHA512
  
  97ac7de13efd28aeebb402466695e61e7fa6a6c0b6df0909bdf9adae8812d8f8ead019e57597891c10557c32d218ee0fe62031df43364997d26c8f474715f4b8
- SSDEEP
  
  1536:WmyOm+aE1y9iJmN8KN3bSqZP6UQUC148vjPqIN:x8Nxpbr6A8vLd
Score

7^/10

adware persistence stealer upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealerupx

behavioral2

adwarepersistencestealerupx