General

  • Target

    4b610174bcacb7630361832647b13e5d_JaffaCakes118

  • Size

    65KB

  • Sample

    240715-zt3tdaygln

  • MD5

    4b610174bcacb7630361832647b13e5d

  • SHA1

    4a993bfca0aa95e7309344239a4b12360b86c91c

  • SHA256

    c4ed875f39ca675eaee1a4fb89ae6f76a4317d2588e290cb07db1286076cc1b9

  • SHA512

    6ce897686a0e2f738e0e7fa211a4209923e15af5cdd5b692630dde26b2c8672aa32a51b4aac9b50be2127e0faa20cd705574d00c27b9af2dd11d1e7f1edb960e

  • SSDEEP

    1536:ubo7q7y47C4HnELSEWxEPA82Rua1fua1QZA:uE7qu47JOS9xEPA820/1A

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks