dfcd79907da36643d25664fe76ebd7e9166f17c3e82f554f5793eae83e85f6ab | Triage

Sharing

General

Target

6534a29e6155bc4e3c17da3e4047a900_JaffaCakes118
Size

65KB
Sample

240722-3bc2savcqq
MD5

6534a29e6155bc4e3c17da3e4047a900
SHA1

a428f29086aa24dce9a42bdbcd09b0108806ec83
SHA256

dfcd79907da36643d25664fe76ebd7e9166f17c3e82f554f5793eae83e85f6ab
SHA512

72910f27d1e198e7f903fa1e0e0fd1911df12ff5413117f7058fa85c36f755ad992c78e2b050a3c9ef300c072e58b94f3817c922f699d43848be705d4d5000a5
SSDEEP

1536:o4rlOp+YIfbhkuGP5bM6gqC7KnBwvtpcyDxFtwk:o6YI1kuGPcx7sBCoyDzik

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  6534a29e6155bc4e3c17da3e4047a900_JaffaCakes118
- Size
  
  65KB
- MD5
  
  6534a29e6155bc4e3c17da3e4047a900
- SHA1
  
  a428f29086aa24dce9a42bdbcd09b0108806ec83
- SHA256
  
  dfcd79907da36643d25664fe76ebd7e9166f17c3e82f554f5793eae83e85f6ab
- SHA512
  
  72910f27d1e198e7f903fa1e0e0fd1911df12ff5413117f7058fa85c36f755ad992c78e2b050a3c9ef300c072e58b94f3817c922f699d43848be705d4d5000a5
- SSDEEP
  
  1536:o4rlOp+YIfbhkuGP5bM6gqC7KnBwvtpcyDxFtwk:o6YI1kuGPcx7sBCoyDzik
Score

7^/10

adware stealer
- Deletes itself
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2