543889e0182a23fb15013679384402798714bad21e59a84e4f285bd6c98abd83 | Triage

Sharing

General

Target

669fb87469bf6198bd88b6cf8dba703f_JaffaCakes118
Size

289KB
Sample

240723-h3cvwavblr
MD5

669fb87469bf6198bd88b6cf8dba703f
SHA1

787926ac1f2fd48be39a9ca2a53e1bedc6cff8d6
SHA256

543889e0182a23fb15013679384402798714bad21e59a84e4f285bd6c98abd83
SHA512

d18e52c00dd032c7cb2dc10403697af5a43d6e1d981d96c55d119153de2e07f1ca9840f16d925203148b3d273fa565bd264a8d44be21c5551ce6816295623981
SSDEEP

6144:eELlfCmrHN6mgbGv0W66JqdCRKLZ2ZVJcP0pUu9NI7O:eELVCm7N6mqGvv6JdCRKLSVJcPeN+O

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  669fb87469bf6198bd88b6cf8dba703f_JaffaCakes118
- Size
  
  289KB
- MD5
  
  669fb87469bf6198bd88b6cf8dba703f
- SHA1
  
  787926ac1f2fd48be39a9ca2a53e1bedc6cff8d6
- SHA256
  
  543889e0182a23fb15013679384402798714bad21e59a84e4f285bd6c98abd83
- SHA512
  
  d18e52c00dd032c7cb2dc10403697af5a43d6e1d981d96c55d119153de2e07f1ca9840f16d925203148b3d273fa565bd264a8d44be21c5551ce6816295623981
- SSDEEP
  
  6144:eELlfCmrHN6mgbGv0W66JqdCRKLZ2ZVJcP0pUu9NI7O:eELVCm7N6mqGvv6JdCRKLSVJcPeN+O
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer