54b0a40c4de5b23fc3722e56c3e1e7164c27fae1b784815b811fe3596d87ace4 | Triage

Sharing

General

Target

cdfe9c9ea2ba9e058c0128f65cd890e4_JaffaCakes118
Size

128KB
Sample

240905-1dlqlazcpj
MD5

cdfe9c9ea2ba9e058c0128f65cd890e4
SHA1

6fee1e1fbcf16b245590a4353688567b64a66866
SHA256

54b0a40c4de5b23fc3722e56c3e1e7164c27fae1b784815b811fe3596d87ace4
SHA512

216378faa18c3ec8d91d674306029b17f848473502b3d81408222ff4b222bf3f1e28c3aee60321dd1b1943a784a52108d6ba59e16c29b2a6073d30eb7b16c540
SSDEEP

3072:EmeDmBqskJJFHDNCBqri58lS69itYRMEj8rT/2VIjV:E8MjNCkri5f0itYRg/2VIjV

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  cdfe9c9ea2ba9e058c0128f65cd890e4_JaffaCakes118
- Size
  
  128KB
- MD5
  
  cdfe9c9ea2ba9e058c0128f65cd890e4
- SHA1
  
  6fee1e1fbcf16b245590a4353688567b64a66866
- SHA256
  
  54b0a40c4de5b23fc3722e56c3e1e7164c27fae1b784815b811fe3596d87ace4
- SHA512
  
  216378faa18c3ec8d91d674306029b17f848473502b3d81408222ff4b222bf3f1e28c3aee60321dd1b1943a784a52108d6ba59e16c29b2a6073d30eb7b16c540
- SSDEEP
  
  3072:EmeDmBqskJJFHDNCBqri58lS69itYRMEj8rT/2VIjV:E8MjNCkri5f0itYRg/2VIjV
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer