8e048aa41cf6a60f00417a7a7fe9d2c95b1b2b64babf7ba781ab59ebd134f339 | Triage

Submit
Reports

Overview

overview

Static

static

3

d61cdfc3d8...18.dll

windows10-1703-x64

Resubmissions

09-09-2024 11:26

240909-nj36lsvfkp 10

09-09-2024 11:26

240909-njyacsvfjr 3

09-09-2024 11:20

240909-nftg1axdrd 10

09-09-2024 10:15

240909-mahymsvgmb 10

Sharing

General

Target

d61cdfc3d8498f40ec41398a38ca1ac1_JaffaCakes118
Size

43KB
Sample

240909-nftg1axdrd
MD5

d61cdfc3d8498f40ec41398a38ca1ac1
SHA1

f00dda3da918ed8a700ab666e35d63b25afdb529
SHA256

8e048aa41cf6a60f00417a7a7fe9d2c95b1b2b64babf7ba781ab59ebd134f339
SHA512

0f383ac0a92a9da6caf0e95d9bde7649422bf700c1113c3d17bae564ee085359171b444bbce2123da79f871757f5bb0ed1fe3d019b3df014ced4bb121d1b7948
SSDEEP

768:W2gKfufDjRZK6olxvNKdH0xs2Q6MSsARplzF5+RmhSduU:xgKfu/RZiTs96MSsAVzP+Rm+u

Score

10^/10

adware defense_evasion discovery evasion stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d61cdfc3d8498f40ec41398a38ca1ac1_JaffaCakes118.dll

Resource

win10-20240404-en

adware defense_evasion discovery evasion stealer

windows10-1703-x64

21 signatures

1800 seconds

Malware Config

Targets

- Target
  
  d61cdfc3d8498f40ec41398a38ca1ac1_JaffaCakes118
- Size
  
  43KB
- MD5
  
  d61cdfc3d8498f40ec41398a38ca1ac1
- SHA1
  
  f00dda3da918ed8a700ab666e35d63b25afdb529
- SHA256
  
  8e048aa41cf6a60f00417a7a7fe9d2c95b1b2b64babf7ba781ab59ebd134f339
- SHA512
  
  0f383ac0a92a9da6caf0e95d9bde7649422bf700c1113c3d17bae564ee085359171b444bbce2123da79f871757f5bb0ed1fe3d019b3df014ced4bb121d1b7948
- SSDEEP
  
  768:W2gKfufDjRZK6olxvNKdH0xs2Q6MSsARplzF5+RmhSduU:xgKfu/RZiTs96MSsAVzP+Rm+u
Score

10^/10

adware defense_evasion discovery evasion stealer
- Modifies firewall policy service
  evasion
- Impair Defenses: Safe Mode Boot
  defense_evasion
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Modifies Security services
  Modifies the startup behavior of a security service.
  defense_evasion
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Safe Mode Boot

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwaredefense_evasiondiscoveryevasionstealer

© 2018-2024

Terms | Privacy