Overview

overview

7

Static

static

1

65f8295562...18.wsf

windows7-x64

7

65f8295562...18.wsf

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    65f829556241ff8849e7e60ac1406172_JaffaCakes118

  • Size

    120KB

  • Sample

    240723-d4ct2svgkf

  • MD5

    65f829556241ff8849e7e60ac1406172

  • SHA1

    69077d59f3be7930d6536c24d871be3390d15e28

  • SHA256

    cae3a60ae3304988a6af4916b291c6890b96e276c826ce23d8b8809d6e9784f3

  • SHA512

    67c940243c415d1423adb75c99d3e2a877d558aa9a10f612c5f8438bdac6f506ef5d4325582714595ee6d082732c57a0ead2aa5f8faafc28bc7949870cb676c2

  • SSDEEP

    3072:WcZzbvWoOpAHATWUnUB7fpNMpayB7FNI2TTZ:WOzbvROpAHATWUnUFpNMpayB77tZ

Score
7/10
adwarepersistenceprivilege_escalationspywarestealer

Malware Config

Targets

    • Target

      65f829556241ff8849e7e60ac1406172_JaffaCakes118

    • Size

      120KB

    • MD5

      65f829556241ff8849e7e60ac1406172

    • SHA1

      69077d59f3be7930d6536c24d871be3390d15e28

    • SHA256

      cae3a60ae3304988a6af4916b291c6890b96e276c826ce23d8b8809d6e9784f3

    • SHA512

      67c940243c415d1423adb75c99d3e2a877d558aa9a10f612c5f8438bdac6f506ef5d4325582714595ee6d082732c57a0ead2aa5f8faafc28bc7949870cb676c2

    • SSDEEP

      3072:WcZzbvWoOpAHATWUnUB7fpNMpayB7FNI2TTZ:WOzbvROpAHATWUnUFpNMpayB77tZ

    Score
    7/10
    adwarepersistenceprivilege_escalationspywarestealer

    • Event Triggered Execution: Component Object Model Hijacking

      Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.

      persistenceprivilege_escalation

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks