f5b15a7fc7924dc7b8c1e7ddd688333bbb807aa849128df6e664566960aba0ea | Triage

Sharing

General

Target

4cf102258d2bbb65a2fae7b9ab9512ce_JaffaCakes118
Size

77KB
Sample

240716-fy6w2szanh
MD5

4cf102258d2bbb65a2fae7b9ab9512ce
SHA1

b5fa5f0dcf782acd7674b7f7df82344e57622e6e
SHA256

f5b15a7fc7924dc7b8c1e7ddd688333bbb807aa849128df6e664566960aba0ea
SHA512

a75b0a375c725be87fcba293d917272546aa59a9e2f541e38c1a1690f996e71b7413f00f4d7ff3c0167179c77422a379451247ff19e1cb990df2a90cbe16827d
SSDEEP

1536:FMnr+rz3G+HL+ps03TpJZLILWglwpqEHMQ+aYL8hOeS5sg2cC:FMnr+rz3bL+/jZ8LWHqEsT8Oag2cC

Score

10^/10

adware evasion stealer

Malware Config

Targets

- Target
  
  4cf102258d2bbb65a2fae7b9ab9512ce_JaffaCakes118
- Size
  
  77KB
- MD5
  
  4cf102258d2bbb65a2fae7b9ab9512ce
- SHA1
  
  b5fa5f0dcf782acd7674b7f7df82344e57622e6e
- SHA256
  
  f5b15a7fc7924dc7b8c1e7ddd688333bbb807aa849128df6e664566960aba0ea
- SHA512
  
  a75b0a375c725be87fcba293d917272546aa59a9e2f541e38c1a1690f996e71b7413f00f4d7ff3c0167179c77422a379451247ff19e1cb990df2a90cbe16827d
- SSDEEP
  
  1536:FMnr+rz3G+HL+ps03TpJZLILWglwpqEHMQ+aYL8hOeS5sg2cC:FMnr+rz3bL+/jZ8LWHqEsT8Oag2cC
Score

10^/10

adware evasion stealer
- Modifies firewall policy service
  evasion
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwareevasionstealer

behavioral2

adwareevasionstealer