f790237da3728fcd49c76713cccab6f07217c6ecffc3f8b781d08b6ed4ef5dbc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4e917fb160cf500f5d9bf15a90fc779_JaffaCakes118
Size

128KB
Sample

240908-wc9c2s1eqe
MD5

d4e917fb160cf500f5d9bf15a90fc779
SHA1

379e4b1070e4063869622e1786494f0947e4b049
SHA256

f790237da3728fcd49c76713cccab6f07217c6ecffc3f8b781d08b6ed4ef5dbc
SHA512

488e1476a7449a75adb521e0c13e6733d3368e65e66a5bdac2361580a2150d9b75c07ad1a749917355cef11127fa043cb3d5bb5ae05e3d12ef93aef5c4cf76b5
SSDEEP

3072:EmeDmBqskJ2kekaOSJCtu2jZf2sB1lzT4+Pltb/MWgzfrSvx4:E8xkex32J1B1S+9lqzf04

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  d4e917fb160cf500f5d9bf15a90fc779_JaffaCakes118
- Size
  
  128KB
- MD5
  
  d4e917fb160cf500f5d9bf15a90fc779
- SHA1
  
  379e4b1070e4063869622e1786494f0947e4b049
- SHA256
  
  f790237da3728fcd49c76713cccab6f07217c6ecffc3f8b781d08b6ed4ef5dbc
- SHA512
  
  488e1476a7449a75adb521e0c13e6733d3368e65e66a5bdac2361580a2150d9b75c07ad1a749917355cef11127fa043cb3d5bb5ae05e3d12ef93aef5c4cf76b5
- SSDEEP
  
  3072:EmeDmBqskJ2kekaOSJCtu2jZf2sB1lzT4+Pltb/MWgzfrSvx4:E8xkex32J1B1S+9lqzf04
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer