9be9152459f376dd2719e6e40c8c2b1015a6c98d7e8d4fe3fb5450e71bf08393 | Triage

Sharing

General

Target

49771a3bad6cc214819d8c8f99d69e44_JaffaCakes118
Size

208KB
Sample

240715-myh9bavhlh
MD5

49771a3bad6cc214819d8c8f99d69e44
SHA1

6e6c9e28c47a33f47a0436eb156a905a8e10bd4b
SHA256

9be9152459f376dd2719e6e40c8c2b1015a6c98d7e8d4fe3fb5450e71bf08393
SHA512

56ae6424a63092c54b9a883176d1aca11f15757da97357e82efc00937641ebb926524d398f40f2c594480060365cbe707682f3a36fbedb6fc4405165eebf7ae0
SSDEEP

3072:gz0Up1VYik5/NJueo9W3SvrGMx/il23MpwecxStW5w2IT2PilpLO8PjTl:gz0K3Emeo9RDZcpwechtIaPe5

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  49771a3bad6cc214819d8c8f99d69e44_JaffaCakes118
- Size
  
  208KB
- MD5
  
  49771a3bad6cc214819d8c8f99d69e44
- SHA1
  
  6e6c9e28c47a33f47a0436eb156a905a8e10bd4b
- SHA256
  
  9be9152459f376dd2719e6e40c8c2b1015a6c98d7e8d4fe3fb5450e71bf08393
- SHA512
  
  56ae6424a63092c54b9a883176d1aca11f15757da97357e82efc00937641ebb926524d398f40f2c594480060365cbe707682f3a36fbedb6fc4405165eebf7ae0
- SSDEEP
  
  3072:gz0Up1VYik5/NJueo9W3SvrGMx/il23MpwecxStW5w2IT2PilpLO8PjTl:gz0K3Emeo9RDZcpwechtIaPe5
Score

7^/10

adware stealer
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2