Overview

overview

8

Static

static

3

a6de1dbb39...18.exe

windows7-x64

8

a6de1dbb39...18.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    a6de1dbb399eed969884a2033c511c43_JaffaCakes118

  • Size

    278KB

  • Sample

    240818-qw18wsydpl

  • MD5

    a6de1dbb399eed969884a2033c511c43

  • SHA1

    e8cd1caf3bc517acbfb61cbb51d3fe471fefc0df

  • SHA256

    ad7243d96e7fa2d469a56ea52221a0a7d55790752ba31260f9c0d3674189d4e1

  • SHA512

    1e4c431196f03de182665da55d44be090b9325d2df510aeec7ecc71ae4572eb10dbfe7a364a1ac0243035c2068eb6b0df5fafdd6daca10eaca4d266ef7fdf125

  • SSDEEP

    3072:ymp6RrGXaz58lFgCl68LUJn1JAcWbVYUsWy1iJRaD1TsWy1iJRaD:iGqz+SW4J1JAcWbVXsLwUhsLwU

Score
8/10
adwarediscoverypersistencestealer

Malware Config

Targets

    • Target

      a6de1dbb399eed969884a2033c511c43_JaffaCakes118

    • Size

      278KB

    • MD5

      a6de1dbb399eed969884a2033c511c43

    • SHA1

      e8cd1caf3bc517acbfb61cbb51d3fe471fefc0df

    • SHA256

      ad7243d96e7fa2d469a56ea52221a0a7d55790752ba31260f9c0d3674189d4e1

    • SHA512

      1e4c431196f03de182665da55d44be090b9325d2df510aeec7ecc71ae4572eb10dbfe7a364a1ac0243035c2068eb6b0df5fafdd6daca10eaca4d266ef7fdf125

    • SSDEEP

      3072:ymp6RrGXaz58lFgCl68LUJn1JAcWbVYUsWy1iJRaD1TsWy1iJRaD:iGqz+SW4J1JAcWbVXsLwUhsLwU

    Score
    8/10
    adwarediscoverypersistencestealer

    • Adds policy Run key to start application

      persistence

    • Executes dropped EXE

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks