General

  • Target

    8aa7a85b0e8635673ad8f29b51643316_JaffaCakes118

  • Size

    252KB

  • Sample

    240811-relybaxaqa

  • MD5

    8aa7a85b0e8635673ad8f29b51643316

  • SHA1

    44009dcd589a87f689a201e962f76f7c44acb694

  • SHA256

    3a1c2c4f7306122d9cc9000d2a0290671214f168f5813d9e8a4bb0f19cf5ff92

  • SHA512

    4b5f3a08f6d060ccacf81e4ed66626865a4a5093064c3319a31164036014323fa46635b93054153ce04bb6ecf1189f1e7b8c6cd45830a080010c570b59652c24

  • SSDEEP

    6144:91OgDPdkBAFZWjadD4sW0BMnO2olfhEf0hBQ:91OgLdaXQM1e5Ewa

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v15

Tasks