General

  • Target

    64ad3fbf31657091b2dbddc095752b3e_JaffaCakes118

  • Size

    251KB

  • Sample

    240722-y7brdaxakj

  • MD5

    64ad3fbf31657091b2dbddc095752b3e

  • SHA1

    1ddd280954e9a50460e91f8ef2edbd50a897e4d4

  • SHA256

    815ce88eb9a6faa9bd1447651c34e593b4fe6bcf186b6953411392f607969764

  • SHA512

    16fd8d7b784958b4b8c968d519fa67e38939f4c99edc46514972f701464b97da2b3db21b627fd1da651f6f26f517bc9be926d2276196a50fea2739dbe92a2e58

  • SSDEEP

    3072:GY0yj4Gi3dDlp67pX6LG2Nexysk758vf3F2TEDCfjab4nRVOhRUv9qPbwPlclusb:GY94N5mwLeFoEDC7NRw2zNclusKPbS

Targets

    • Target

      64ad3fbf31657091b2dbddc095752b3e_JaffaCakes118

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
