47b69313d3dd161650516188357156f05826d4ee245dd2d1c3cb89eef3e5bfc6 | Triage

Sharing

General

Target

a27aa07a2ce44e8c61983b14471ca8ab_JaffaCakes118
Size

153KB
Sample

240817-pc5xasvcna
MD5

a27aa07a2ce44e8c61983b14471ca8ab
SHA1

262e9cb9d74d4e864707bf53009113118424a3f6
SHA256

47b69313d3dd161650516188357156f05826d4ee245dd2d1c3cb89eef3e5bfc6
SHA512

a61144d9808598ac21993665ce63a1e9bcb050f192a3d035eeecb8f2b4455a01734f2345061e2769cd1ee83766f5a70bb6c04f9011cae43b7920c761204dfbba
SSDEEP

3072:NKBGxgkFmsaJz6PEPijBQuNQEuxRre93yk25d+Ju:xgk9aJz6Zj0xxVeNi+Ju

Score

6^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  a27aa07a2ce44e8c61983b14471ca8ab_JaffaCakes118
- Size
  
  153KB
- MD5
  
  a27aa07a2ce44e8c61983b14471ca8ab
- SHA1
  
  262e9cb9d74d4e864707bf53009113118424a3f6
- SHA256
  
  47b69313d3dd161650516188357156f05826d4ee245dd2d1c3cb89eef3e5bfc6
- SHA512
  
  a61144d9808598ac21993665ce63a1e9bcb050f192a3d035eeecb8f2b4455a01734f2345061e2769cd1ee83766f5a70bb6c04f9011cae43b7920c761204dfbba
- SSDEEP
  
  3072:NKBGxgkFmsaJz6PEPijBQuNQEuxRre93yk25d+Ju:xgk9aJz6Zj0xxVeNi+Ju
Score

6^/10

adware discovery persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer