caca5678eeaef383c827a69f0d88c1c5284bd1cfe0d39843e4f78755622294c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73ed48cc41662a26b0427383589b70c0_JaffaCakes118
Size

128KB
Sample

240726-ny27vszarb
MD5

73ed48cc41662a26b0427383589b70c0
SHA1

7ac74e20b8882efd1dc47d1f957bed41c4e65477
SHA256

caca5678eeaef383c827a69f0d88c1c5284bd1cfe0d39843e4f78755622294c1
SHA512

c017cd8fbc84a6dfbfe6b5bf5271aeb4674f23df5a233151f9f9938ccee41bd0ed6927d3df0053847df0b16d722ba1f1120d571a2ed41403e9b74821bc261430
SSDEEP

3072:EmeDmBqskJ1h9NGiekoIF/p6hgRBGxctwA/wDdI5sNtz9gkGJHQt4+ODMo:E8W4iekX3BJqA/wDdI5iSQYMo

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  73ed48cc41662a26b0427383589b70c0_JaffaCakes118
- Size
  
  128KB
- MD5
  
  73ed48cc41662a26b0427383589b70c0
- SHA1
  
  7ac74e20b8882efd1dc47d1f957bed41c4e65477
- SHA256
  
  caca5678eeaef383c827a69f0d88c1c5284bd1cfe0d39843e4f78755622294c1
- SHA512
  
  c017cd8fbc84a6dfbfe6b5bf5271aeb4674f23df5a233151f9f9938ccee41bd0ed6927d3df0053847df0b16d722ba1f1120d571a2ed41403e9b74821bc261430
- SSDEEP
  
  3072:EmeDmBqskJ1h9NGiekoIF/p6hgRBGxctwA/wDdI5sNtz9gkGJHQt4+ODMo:E8W4iekX3BJqA/wDdI5iSQYMo
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer