c87404df80c9f6fa01fb6a077103512fce467fd096679665e809410ca8c5f781 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0a47c10bd083b0593af6844b0ec2ddc_JaffaCakes118
Size

148KB
Sample

240825-njl74atdpp
MD5

c0a47c10bd083b0593af6844b0ec2ddc
SHA1

8b3a782e559856df48b59590b60b0c3186487c3c
SHA256

c87404df80c9f6fa01fb6a077103512fce467fd096679665e809410ca8c5f781
SHA512

7f81945c6264a418842c7d3346330179bc3c94be74ef9c254b33e1de3b5b552219334d2e7d3635bc68a5ada2087f78253576773f266db882ff3e4da294ed9cc1
SSDEEP

3072:gkzlXY3wz24DNpJD+qxTSYC1FTOi15UYWI7VNIN:gkzlXLDrJDTxuYC1FCwjWuN

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  c0a47c10bd083b0593af6844b0ec2ddc_JaffaCakes118
- Size
  
  148KB
- MD5
  
  c0a47c10bd083b0593af6844b0ec2ddc
- SHA1
  
  8b3a782e559856df48b59590b60b0c3186487c3c
- SHA256
  
  c87404df80c9f6fa01fb6a077103512fce467fd096679665e809410ca8c5f781
- SHA512
  
  7f81945c6264a418842c7d3346330179bc3c94be74ef9c254b33e1de3b5b552219334d2e7d3635bc68a5ada2087f78253576773f266db882ff3e4da294ed9cc1
- SSDEEP
  
  3072:gkzlXY3wz24DNpJD+qxTSYC1FTOi15UYWI7VNIN:gkzlXLDrJDTxuYC1FCwjWuN
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer