e513d0b818c7d522f0c70315236d921926aea546d225279c299bda9bbd164f0d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a45d90987d19f384f498a75ed503e655_JaffaCakes118
Size

128KB
Sample

240817-1814rstakl
MD5

a45d90987d19f384f498a75ed503e655
SHA1

091bd27ba806fb35617e0a109bf1e75e928e5b96
SHA256

e513d0b818c7d522f0c70315236d921926aea546d225279c299bda9bbd164f0d
SHA512

4933d6450f18ce2979eb6c2cd53207a48e724ba6424c87ae9243cef6415b1a0eaba03b705b2d1068ec8ee244c9993e78cb3585c2b6597871c74f20d1b239cf18
SSDEEP

3072:EmeDmBqskJ0f03ydijRNNakliKQpvUojT8YTEyYdU:E8Pf03yuH/Qp7T8YTnYdU

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  a45d90987d19f384f498a75ed503e655_JaffaCakes118
- Size
  
  128KB
- MD5
  
  a45d90987d19f384f498a75ed503e655
- SHA1
  
  091bd27ba806fb35617e0a109bf1e75e928e5b96
- SHA256
  
  e513d0b818c7d522f0c70315236d921926aea546d225279c299bda9bbd164f0d
- SHA512
  
  4933d6450f18ce2979eb6c2cd53207a48e724ba6424c87ae9243cef6415b1a0eaba03b705b2d1068ec8ee244c9993e78cb3585c2b6597871c74f20d1b239cf18
- SSDEEP
  
  3072:EmeDmBqskJ0f03ydijRNNakliKQpvUojT8YTEyYdU:E8Pf03yuH/Qp7T8YTnYdU
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer