02e19dbd6a4b318f9764d0d5370e6fec18a0a9ff053e61b1545544daebf405ac | Triage

Sharing

General

Target

b3ea3dc91a3f98e8daab98aa50436494_JaffaCakes118
Size

128KB
Sample

240821-samjqavclh
MD5

b3ea3dc91a3f98e8daab98aa50436494
SHA1

4598b65d8f2a1c0763ace3c3449eabc01de0c4b7
SHA256

02e19dbd6a4b318f9764d0d5370e6fec18a0a9ff053e61b1545544daebf405ac
SHA512

76deb2c3bad830fe5085482c3e301c1417d3b1b20fd8e5453037ed0dba7449464cfd73da20bf2e52bfad2b0b5b8696889c81ab5662c2354a9cfff79faf961502
SSDEEP

3072:EmeDmBqskJoq3u987hv4V7od5jvnCExy4z4HZFMEck+f:E8Fye8tv4V745zPyRHcEckc

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  b3ea3dc91a3f98e8daab98aa50436494_JaffaCakes118
- Size
  
  128KB
- MD5
  
  b3ea3dc91a3f98e8daab98aa50436494
- SHA1
  
  4598b65d8f2a1c0763ace3c3449eabc01de0c4b7
- SHA256
  
  02e19dbd6a4b318f9764d0d5370e6fec18a0a9ff053e61b1545544daebf405ac
- SHA512
  
  76deb2c3bad830fe5085482c3e301c1417d3b1b20fd8e5453037ed0dba7449464cfd73da20bf2e52bfad2b0b5b8696889c81ab5662c2354a9cfff79faf961502
- SSDEEP
  
  3072:EmeDmBqskJoq3u987hv4V7od5jvnCExy4z4HZFMEck+f:E8Fye8tv4V745zPyRHcEckc
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer