Overview

overview

7

Static

static

3

a11e60af1c...18.exe

windows7-x64

7

a11e60af1c...18.exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

tabbar.dll

windows7-x64

6

tabbar.dll

windows10-2004-x64

6

tabbar.exe

windows7-x64

6

tabbar.exe

windows10-2004-x64

6

tbrn.exe

windows7-x64

3

tbrn.exe

windows10-2004-x64

3

tbva.exe

windows7-x64

3

tbva.exe

windows10-2004-x64

3

uninstall.exe

windows7-x64

3

uninstall.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a11e60af1c2434687d1a74f6dbfa5b18_JaffaCakes118

  • Size

    198KB

  • Sample

    240817-ejmn7awdld

  • MD5

    a11e60af1c2434687d1a74f6dbfa5b18

  • SHA1

    1ee1da0370d7f9d08aefee4fa39c4f18ca0cd7cb

  • SHA256

    292826153076ed8400acdf93ae20a760c78980dbc9671fce02c61e7336edf900

  • SHA512

    216eccace0d98933ef791d37bbc55099cc53ebdc52db10b54c66353bc935315248bc7db68331becb8e0cd99145c5f294734111fc5eb8d815b75e4ba05755efcc

  • SSDEEP

    3072:/gXdZt9P6D3XJEJuqguI45awDc6EwPBRhgC09hiDFuYqTy7uoQk+fBRpE9:/e34mgtuV5a9CBP0HkBTBQnBi

Score
7/10
adwarediscoverystealer

Malware Config

Targets

    • Target

      a11e60af1c2434687d1a74f6dbfa5b18_JaffaCakes118

    • Size

      198KB

    • MD5

      a11e60af1c2434687d1a74f6dbfa5b18

    • SHA1

      1ee1da0370d7f9d08aefee4fa39c4f18ca0cd7cb

    • SHA256

      292826153076ed8400acdf93ae20a760c78980dbc9671fce02c61e7336edf900

    • SHA512

      216eccace0d98933ef791d37bbc55099cc53ebdc52db10b54c66353bc935315248bc7db68331becb8e0cd99145c5f294734111fc5eb8d815b75e4ba05755efcc

    • SSDEEP

      3072:/gXdZt9P6D3XJEJuqguI45awDc6EwPBRhgC09hiDFuYqTy7uoQk+fBRpE9:/e34mgtuV5a9CBP0HkBTBQnBi

    Score
    7/10
    discovery

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $PLUGINSDIR/InstallOptions.dll

    • Size

      14KB

    • MD5

      0dc0cc7a6d9db685bf05a7e5f3ea4781

    • SHA1

      5d8b6268eeec9d8d904bc9d988a4b588b392213f

    • SHA256

      8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c

    • SHA512

      814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0

    • SSDEEP

      192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo

    Score
    3/10
    discovery
    behavioral3behavioral4

    • Target

      tabbar.dll

    • Size

      98KB

    • MD5

      235ad21c39a0f0ed411bcd63a9874b0e

    • SHA1

      4d0bff4c2ea96e59023e0c565f2f0446469f1586

    • SHA256

      899e3633140841fc5386c537684f53766679ba74912523c06ecf67e34abf155f

    • SHA512

      9763430d9d45ff3036fdaf48bbec642136683e7d7e201a634a4e316e841e371e741399e260447ff6e6489d47a0f75cda8bfe2054a12c85098ccb87bb706548ef

    • SSDEEP

      1536:BZKD1A5b86/9Z2rSEd9vp5GS4R97wQgbrobJ1bQBDR2ebA3BY:BoDmGa7tEd9fMJjhbJ1bQNwOaBY

    Score
    6/10
    adwarediscoverystealer

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral5behavioral6

    • Target

      tabbar.exe

    • Size

      90KB

    • MD5

      d4e5b5ea3ffda624305ff48e5ab05e84

    • SHA1

      763c60df7c7dfb051fe4c392726fe2e476b06980

    • SHA256

      0fbecc46f3fe9064d5d222850e0c00238827a054a190efda6d2602e5acdbcd40

    • SHA512

      29ac5c65645af9c1f2c811fa36f9fa2ef4ab3ddee027c90aa3266a9756841da84098149d1a36ae5ad8d9722c92d67b709611fc743cf4f3216c98b698c0fc7af8

    • SSDEEP

      1536:fPMAtEys6EVTc1NV2X3rqwSVeao+2UieJQZgOHWj/pO830g:fPr6ys62Tc1D2XlS43DUFJQZgOHWj/AG

    Score
    6/10
    discovery

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral7behavioral8

    • Target

      tbrn.exe

    • Size

      30KB

    • MD5

      0aa4c3ee8e48f589eeabfd158603793b

    • SHA1

      4f822823c06e884fc3ca44672e35a3b596700f87

    • SHA256

      1dab75fbc66c35709d95003621ef9f9717596171e5fc717589c5694dba3ba44f

    • SHA512

      c0c63b4d5073914ba9d6abfbfcb947c88bedb61566aa92bc9cfb99a407ad9e7a289c69849f7015bf4e38f8789fe729ee0b2872e7e335bfd7cce757b9e708e506

    • SSDEEP

      384:ZE+3dyWCmTpApqe661dr+ypbiMCwy3mirILzMLdfuSSuF:ZEYR8l+yliMFIILzC4y

    Score
    3/10
    discovery
    behavioral10behavioral9

    • Target

      tbva.exe

    • Size

      46KB

    • MD5

      b43b844b6c1350143943886ed5bb8a9c

    • SHA1

      240629dadb342b543cc0b4b342286f96a04629aa

    • SHA256

      ecab8b722c894d350a8c190933ed268c662ee7a0c737c0abc6418bf9a9a4b432

    • SHA512

      c63430802f6327817aaa235b41b1d1f1be34fa545819b03a95cdbd334bda5660f9c3c0f88ac616f8008ca1ba97c206f63c920abce4fd7ca46ba655a5dbaefc89

    • SSDEEP

      768:1UnQ/ItSaKnfCzRwHTzjbqsbZ+KIILzCO:1UnE+SjfCtwzbqsbYG37

    Score
    3/10
    discovery
    behavioral11behavioral12

    • Target

      uninstall.exe

    • Size

      62KB

    • MD5

      8d4fd95f733e888a431d9dd7cd2bc0ab

    • SHA1

      6163c06c18dfd0702fc73d823f7320ec5ddb301b

    • SHA256

      801111da0c65c5c1bf74d92b16d461cc14e7a0ffdaf35e8d46702760bc9ffd0d

    • SHA512

      5ed90d39f77227fc79438d15ff72cab6e697fa8a93c130fcbcca48bbb1b9d5dfbbbef74f8cff5699e5074fe7cd0c04f50b9c7d77c3a834db6eb98934b559d613

    • SSDEEP

      768:SYB3YSHibQlQA3FlkmAWdFTAJytraZtfXAw7IoCL85/TWfxMzoc7IILzC9:SA31ibKHAJytr8ZwwqLqWfxMzd338

    Score
    3/10
    discovery
    behavioral13behavioral14

MITRE ATT&CK Enterprise v15

Tasks