612362a8bf30213808dcf297659a08e604e849a7bc8d6e26fa8669f5548746cc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c9b5323920c84339d0a3e0a3770818d_JaffaCakes118
Size

181KB
Sample

240719-tavqrssbph
MD5

5c9b5323920c84339d0a3e0a3770818d
SHA1

5fa2fb0a1c73fb62c07533ca1091720fd02b2a72
SHA256

612362a8bf30213808dcf297659a08e604e849a7bc8d6e26fa8669f5548746cc
SHA512

c3d0a8675da025a83f9c3c30931252caa0124a107ffce14d8015dcfee246da0abc45958e532fb985e758186b81cb692412276a0366796267d953af49bf4ff6a3
SSDEEP

3072:NaBx0XjOJrJSFpUhY930bP8k8xP8kFPnEctcEnPFk8Q4OahpJaX:UB/6Sa30bP8k8xP8kFPnEctcEnPFk8QR

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  5c9b5323920c84339d0a3e0a3770818d_JaffaCakes118
- Size
  
  181KB
- MD5
  
  5c9b5323920c84339d0a3e0a3770818d
- SHA1
  
  5fa2fb0a1c73fb62c07533ca1091720fd02b2a72
- SHA256
  
  612362a8bf30213808dcf297659a08e604e849a7bc8d6e26fa8669f5548746cc
- SHA512
  
  c3d0a8675da025a83f9c3c30931252caa0124a107ffce14d8015dcfee246da0abc45958e532fb985e758186b81cb692412276a0366796267d953af49bf4ff6a3
- SSDEEP
  
  3072:NaBx0XjOJrJSFpUhY930bP8k8xP8kFPnEctcEnPFk8Q4OahpJaX:UB/6Sa30bP8k8xP8kFPnEctcEnPFk8QR
Score

7^/10

adware stealer
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2