06bdae23126a4245047429b636ef5c04a54335a9c693eb326655a729f1d6b8fa | Triage

Sharing

General

Target

87d5863470bacc58f43dab67f11f2153_JaffaCakes118
Size

169KB
Sample

240810-1wf8tszeqn
MD5

87d5863470bacc58f43dab67f11f2153
SHA1

8a60c98197cb0952edbce6f07b5d12091a3ac1ee
SHA256

06bdae23126a4245047429b636ef5c04a54335a9c693eb326655a729f1d6b8fa
SHA512

e10bd9c46b73e1f30a5db1c2fc4f3f634e29758bb7a612e71de8c81088393a21fed6ee520fd3f8663b1477778e50776ac6aada59daa7a21277e17503c7b30a04
SSDEEP

3072:q0uAdU5EQeDTl4cD37gG2Z91myCvy2ak5mo:qDAdceScDcGKfmysaL

Score

6^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  87d5863470bacc58f43dab67f11f2153_JaffaCakes118
- Size
  
  169KB
- MD5
  
  87d5863470bacc58f43dab67f11f2153
- SHA1
  
  8a60c98197cb0952edbce6f07b5d12091a3ac1ee
- SHA256
  
  06bdae23126a4245047429b636ef5c04a54335a9c693eb326655a729f1d6b8fa
- SHA512
  
  e10bd9c46b73e1f30a5db1c2fc4f3f634e29758bb7a612e71de8c81088393a21fed6ee520fd3f8663b1477778e50776ac6aada59daa7a21277e17503c7b30a04
- SSDEEP
  
  3072:q0uAdU5EQeDTl4cD37gG2Z91myCvy2ak5mo:qDAdceScDcGKfmysaL
Score

6^/10

adware discovery persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer