a8d156230c75ae16a5c5cf04fb115807126cc0953b3c875a77150e9504795d94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be283398b6d7099b7d769a0650175c5f_JaffaCakes118
Size

154KB
Sample

240824-jhsk9szdng
MD5

be283398b6d7099b7d769a0650175c5f
SHA1

c89fce0dbb398b0ac62dbbe6cceaf07496ce617a
SHA256

a8d156230c75ae16a5c5cf04fb115807126cc0953b3c875a77150e9504795d94
SHA512

1a8c5dd761c463e81086326d60fd93530cf475de75621a828c974b0c7e1049665166eccb05464273dc50e268ff653e3493177fe485c86ad3885efcab365d7b71
SSDEEP

3072:yGEO9rq6fz1vAxRC2La3cJtxrxpAsNKnyUj5nomk:9EOh1z1yCUzJXrxGWK1omk

Score

6^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  be283398b6d7099b7d769a0650175c5f_JaffaCakes118
- Size
  
  154KB
- MD5
  
  be283398b6d7099b7d769a0650175c5f
- SHA1
  
  c89fce0dbb398b0ac62dbbe6cceaf07496ce617a
- SHA256
  
  a8d156230c75ae16a5c5cf04fb115807126cc0953b3c875a77150e9504795d94
- SHA512
  
  1a8c5dd761c463e81086326d60fd93530cf475de75621a828c974b0c7e1049665166eccb05464273dc50e268ff653e3493177fe485c86ad3885efcab365d7b71
- SSDEEP
  
  3072:yGEO9rq6fz1vAxRC2La3cJtxrxpAsNKnyUj5nomk:9EOh1z1yCUzJXrxGWK1omk
Score

6^/10

adware discovery persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer