ede146de35d9d583dd91c2085cdd65770ce5ec7364d41c661eb3814b8ce82827 | Triage

Sharing

General

Target

dfcac422c9ad3540ae45a3b241593ef8_JaffaCakes118
Size

2.4MB
Sample

240914-jzq4rsvbkg
MD5

dfcac422c9ad3540ae45a3b241593ef8
SHA1

652cdfdaded52d5c96db6c4851b01e0a8febcaea
SHA256

ede146de35d9d583dd91c2085cdd65770ce5ec7364d41c661eb3814b8ce82827
SHA512

9a100089aadef8f17c78325d2bbb1063a0a234dccb65bf63591e93f1ce505bf5463c2d504c4c9258e11f3b3ce150f22e011730dacf0da5bb732ff4ecfbfde4be
SSDEEP

49152:Aid4fd8ZgLa/0rUExktiLc6rS9ZL414+JE:Ag4KmLacrUE+tiLTW9QPE

Score

6^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  dfcac422c9ad3540ae45a3b241593ef8_JaffaCakes118
- Size
  
  2.4MB
- MD5
  
  dfcac422c9ad3540ae45a3b241593ef8
- SHA1
  
  652cdfdaded52d5c96db6c4851b01e0a8febcaea
- SHA256
  
  ede146de35d9d583dd91c2085cdd65770ce5ec7364d41c661eb3814b8ce82827
- SHA512
  
  9a100089aadef8f17c78325d2bbb1063a0a234dccb65bf63591e93f1ce505bf5463c2d504c4c9258e11f3b3ce150f22e011730dacf0da5bb732ff4ecfbfde4be
- SSDEEP
  
  49152:Aid4fd8ZgLa/0rUExktiLc6rS9ZL414+JE:Ag4KmLacrUE+tiLTW9QPE
Score

6^/10

adware discovery persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2