1da8466714bb0c74f56dbc98f1b096f339a1ca1173998aa09fccf016a1af0dcd | Triage

Submit
Reports

Overview

overview

7

Static

static

3

c12113870b...18.exe

windows7-x64

7

c12113870b...18.exe

windows10-2004-x64

7

Sharing

General

Target

c12113870bc359efa64dd746507caf84_JaffaCakes118
Size

86KB
Sample

240825-twpfwavelm
MD5

c12113870bc359efa64dd746507caf84
SHA1

2e3beb8b67369fbb7c7e3c89c31aaa95f3443ade
SHA256

1da8466714bb0c74f56dbc98f1b096f339a1ca1173998aa09fccf016a1af0dcd
SHA512

080a911a3004672b347f61cd5563095002c1396af3c549c94067b79d1fe2d593f0ab22fdb52c102e0e9f9fbdc73a185b9e4ee994563c196fbdd706127b8c2613
SSDEEP

1536:TSk3iCuIBFriPIFSyUWNEz+3Ap22/M0n44s5AzuaX9PZe+UgEcx6EOug83rH2T0Q:TSeriPIF9UWNEz+3Ap22/M0n44s5Azu5

Score

7^/10

adware discovery stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

c12113870bc359efa64dd746507caf84_JaffaCakes118.exe

Resource

win7-20240708-en

adware discovery stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

c12113870bc359efa64dd746507caf84_JaffaCakes118.exe

Resource

win10v2004-20240802-en

adware discovery stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  c12113870bc359efa64dd746507caf84_JaffaCakes118
- Size
  
  86KB
- MD5
  
  c12113870bc359efa64dd746507caf84
- SHA1
  
  2e3beb8b67369fbb7c7e3c89c31aaa95f3443ade
- SHA256
  
  1da8466714bb0c74f56dbc98f1b096f339a1ca1173998aa09fccf016a1af0dcd
- SHA512
  
  080a911a3004672b347f61cd5563095002c1396af3c549c94067b79d1fe2d593f0ab22fdb52c102e0e9f9fbdc73a185b9e4ee994563c196fbdd706127b8c2613
- SSDEEP
  
  1536:TSk3iCuIBFriPIFSyUWNEz+3Ap22/M0n44s5AzuaX9PZe+UgEcx6EOug83rH2T0Q:TSeriPIF9UWNEz+3Ap22/M0n44s5Azu5
Score

7^/10

adware discovery stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer

© 2018-2025

Terms | Privacy