521b1f2d3ae5ac6ecb7d4d31c629e96e30bf877550440b8749a9a5e65ff31e26 | Triage

Sharing

General

Target

81cc33a28596941def3de0626f397f77_JaffaCakes118
Size

479KB
Sample

240801-1danbsxajk
MD5

81cc33a28596941def3de0626f397f77
SHA1

ba39a62be6fbe8b31bba56c35fcefc4116e3206f
SHA256

521b1f2d3ae5ac6ecb7d4d31c629e96e30bf877550440b8749a9a5e65ff31e26
SHA512

d93fc70caf8d9f31adcce54754a3328ea92c42ae4e546100341f3526911a44002af4e9bce772c70f86b75b18949eb178e1faf438ed79dfc01853f1a3d7d42dd0
SSDEEP

6144:+AA/zYgKj4C5jwu/NEC0xeWFaxfVh0xZHyN1wHbBnirUeTATt:+D7nKj4Cn/N8klfqZHyrw7AtATt

Score

6^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  81cc33a28596941def3de0626f397f77_JaffaCakes118
- Size
  
  479KB
- MD5
  
  81cc33a28596941def3de0626f397f77
- SHA1
  
  ba39a62be6fbe8b31bba56c35fcefc4116e3206f
- SHA256
  
  521b1f2d3ae5ac6ecb7d4d31c629e96e30bf877550440b8749a9a5e65ff31e26
- SHA512
  
  d93fc70caf8d9f31adcce54754a3328ea92c42ae4e546100341f3526911a44002af4e9bce772c70f86b75b18949eb178e1faf438ed79dfc01853f1a3d7d42dd0
- SSDEEP
  
  6144:+AA/zYgKj4C5jwu/NEC0xeWFaxfVh0xZHyN1wHbBnirUeTATt:+D7nKj4Cn/N8klfqZHyrw7AtATt
Score

6^/10

adware discovery persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer