92afe55aba7fafe669f40ec31f339d0832d88947ef0b5d4c80789818fe48d741 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd7f0dd13dc586a41263ba384201c83b_JaffaCakes118
Size

52KB
Sample

240913-c3gaeazene
MD5

dd7f0dd13dc586a41263ba384201c83b
SHA1

df126239c49e3b4ee5249a5835650f7802b71435
SHA256

92afe55aba7fafe669f40ec31f339d0832d88947ef0b5d4c80789818fe48d741
SHA512

b11f2a43284038897dee86a28880a1fece5963c8044a3c69380b877f8c28090f62c5af03b3da560dbd9f488dad931614353260ecd662b5d3c7acbf2434c88ad3
SSDEEP

768:MsLqLyIzUUWieLCSiKvS4drDAj3k50QWTjZO3YNjEMvcYkezH3k66K8tKeaSvKKe:MAIB2LCSiKLrenOyhvEezH3kLTaCKK

Score

8^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  dd7f0dd13dc586a41263ba384201c83b_JaffaCakes118
- Size
  
  52KB
- MD5
  
  dd7f0dd13dc586a41263ba384201c83b
- SHA1
  
  df126239c49e3b4ee5249a5835650f7802b71435
- SHA256
  
  92afe55aba7fafe669f40ec31f339d0832d88947ef0b5d4c80789818fe48d741
- SHA512
  
  b11f2a43284038897dee86a28880a1fece5963c8044a3c69380b877f8c28090f62c5af03b3da560dbd9f488dad931614353260ecd662b5d3c7acbf2434c88ad3
- SSDEEP
  
  768:MsLqLyIzUUWieLCSiKvS4drDAj3k50QWTjZO3YNjEMvcYkezH3k66K8tKeaSvKKe:MAIB2LCSiKLrenOyhvEezH3kLTaCKK
Score

8^/10

adware discovery stealer
- Blocklisted process makes network request
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer