e189baab9fbaad9b8d55f2a1d2715564ace687a131a24b924c7b46e5ef5f576b | Triage

Sharing

General

Target

60ded0c7bd5a184365da95d782a76637_JaffaCakes118
Size

128KB
Sample

240721-wpbbsazhrr
MD5

60ded0c7bd5a184365da95d782a76637
SHA1

0670a8f2ce69e5cc11a0fca589e7f02d267fa691
SHA256

e189baab9fbaad9b8d55f2a1d2715564ace687a131a24b924c7b46e5ef5f576b
SHA512

09419e0b74d25fcb8c4270c764527ee63ecdc0c6f33f8ba6a1c89d568b5cfa3656c29b53baad69b710461871f72217c3a192b9f3d82001ee622f66fd4a0f67dd
SSDEEP

3072:EmeDmBqskJAOyZ/qN5mCOEpfgi85SfxVyE:E8dLZyfm55oVyE

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  60ded0c7bd5a184365da95d782a76637_JaffaCakes118
- Size
  
  128KB
- MD5
  
  60ded0c7bd5a184365da95d782a76637
- SHA1
  
  0670a8f2ce69e5cc11a0fca589e7f02d267fa691
- SHA256
  
  e189baab9fbaad9b8d55f2a1d2715564ace687a131a24b924c7b46e5ef5f576b
- SHA512
  
  09419e0b74d25fcb8c4270c764527ee63ecdc0c6f33f8ba6a1c89d568b5cfa3656c29b53baad69b710461871f72217c3a192b9f3d82001ee622f66fd4a0f67dd
- SSDEEP
  
  3072:EmeDmBqskJAOyZ/qN5mCOEpfgi85SfxVyE:E8dLZyfm55oVyE
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer