1c0ea41a70781315440312506580579d6cec23288406d54adfc9fe12d4980ddb | Triage

Sharing

General

Target

b66d9603d3359ccb1aabc9f5779b0553_JaffaCakes118
Size

216KB
Sample

240822-fl6qhsshnq
MD5

b66d9603d3359ccb1aabc9f5779b0553
SHA1

d0e24bdd8ef3da5fc82540f11a983de2f921f1d4
SHA256

1c0ea41a70781315440312506580579d6cec23288406d54adfc9fe12d4980ddb
SHA512

44bce501e229c0eb863f185dc60f30315e353fad1fe3c7ad39e47cde02f05ee6710e04a220012e77a33d886b1ca0c34e1f27f8d33ca53210384ce16906687e53
SSDEEP

6144:HCaFa8yclQhILyrBNDgb4+tAwB1xpxl0bWn1CGnjjiQzefT:iaFdWrorjPiL

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  b66d9603d3359ccb1aabc9f5779b0553_JaffaCakes118
- Size
  
  216KB
- MD5
  
  b66d9603d3359ccb1aabc9f5779b0553
- SHA1
  
  d0e24bdd8ef3da5fc82540f11a983de2f921f1d4
- SHA256
  
  1c0ea41a70781315440312506580579d6cec23288406d54adfc9fe12d4980ddb
- SHA512
  
  44bce501e229c0eb863f185dc60f30315e353fad1fe3c7ad39e47cde02f05ee6710e04a220012e77a33d886b1ca0c34e1f27f8d33ca53210384ce16906687e53
- SSDEEP
  
  6144:HCaFa8yclQhILyrBNDgb4+tAwB1xpxl0bWn1CGnjjiQzefT:iaFdWrorjPiL
Score

7^/10

adware discovery stealer
- Modifies file permissions
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer