453c206c6ea6dcb57c353d005599e61a90d096cabdf58fc49c2abd60984b706f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e17b93f503376989b55f0591c791e953_JaffaCakes118
Size

280KB
Sample

240915-cdlhtszdnm
MD5

e17b93f503376989b55f0591c791e953
SHA1

dc0d02a817231a195f0db4d6c5b3343055d30653
SHA256

453c206c6ea6dcb57c353d005599e61a90d096cabdf58fc49c2abd60984b706f
SHA512

39f6f5bdc659546b01ae8525d84dab338f11ab76f48b3e5e578cc08310c7f4324fb695061056bd3da8eb9d940179fa6f344d51e6cfcd3be20def50134fee9cf9
SSDEEP

3072:H1xEcvtag4cl2EcVX/B2xApB8814JbVtPI0kr4HED3IINNKnLt3IVW91ysSwDfND:/TFamcckX1+fwnUQIzn10Yt

Score

8^/10

adware defense_evasion discovery persistence stealer

Malware Config

Targets

- Target
  
  e17b93f503376989b55f0591c791e953_JaffaCakes118
- Size
  
  280KB
- MD5
  
  e17b93f503376989b55f0591c791e953
- SHA1
  
  dc0d02a817231a195f0db4d6c5b3343055d30653
- SHA256
  
  453c206c6ea6dcb57c353d005599e61a90d096cabdf58fc49c2abd60984b706f
- SHA512
  
  39f6f5bdc659546b01ae8525d84dab338f11ab76f48b3e5e578cc08310c7f4324fb695061056bd3da8eb9d940179fa6f344d51e6cfcd3be20def50134fee9cf9
- SSDEEP
  
  3072:H1xEcvtag4cl2EcVX/B2xApB8814JbVtPI0kr4HED3IINNKnLt3IVW91ysSwDfND:/TFamcckX1+fwnUQIzn10Yt
Score

8^/10

adware defense_evasion discovery persistence stealer
- Adds policy Run key to start application
  persistence
- Impair Defenses: Safe Mode Boot
  defense_evasion
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Safe Mode Boot

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwaredefense_evasiondiscoverypersistencestealer

behavioral2

adwaredefense_evasiondiscoverypersistencestealer