fb73f3eeec877bca2a0b3a9cce8416ce11ceec7aee82277896a11c08686d2f16 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

eabc72853f...18.exe

windows7-x64

7

eabc72853f...18.exe

windows10-2004-x64

7

Sharing

General

Target

eabc72853fb8f18c4899eb163dfa2415_JaffaCakes118
Size

2.0MB
Sample

240919-gx786avcqp
MD5

eabc72853fb8f18c4899eb163dfa2415
SHA1

23e00f54e9dd89a8ee3830913b4fc676910cbf75
SHA256

fb73f3eeec877bca2a0b3a9cce8416ce11ceec7aee82277896a11c08686d2f16
SHA512

556f47de7441fdb0a15a3dd62d2ce4326228ba3b726e6921a6430d77f0eb966cc5700d9112a24da81cacf7bf048039243a75762f654852e063703827b6251c3f
SSDEEP

24576:x5b8rFrYRFS7Iid6Nx7izcFsaWrtLTOITQA6kOStpbspT63cGnJ/2aDZM/2YH7Xf:crFrZDd6ziVTOITQAOpT63cGnJ/WbJfx

Score

7^/10

adware discovery evasion stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

eabc72853fb8f18c4899eb163dfa2415_JaffaCakes118.exe

Resource

win7-20240903-en

adware discovery evasion stealer trojan

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

eabc72853fb8f18c4899eb163dfa2415_JaffaCakes118.exe

Resource

win10v2004-20240802-en

adware discovery evasion stealer trojan

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  eabc72853fb8f18c4899eb163dfa2415_JaffaCakes118
- Size
  
  2.0MB
- MD5
  
  eabc72853fb8f18c4899eb163dfa2415
- SHA1
  
  23e00f54e9dd89a8ee3830913b4fc676910cbf75
- SHA256
  
  fb73f3eeec877bca2a0b3a9cce8416ce11ceec7aee82277896a11c08686d2f16
- SHA512
  
  556f47de7441fdb0a15a3dd62d2ce4326228ba3b726e6921a6430d77f0eb966cc5700d9112a24da81cacf7bf048039243a75762f654852e063703827b6251c3f
- SSDEEP
  
  24576:x5b8rFrYRFS7Iid6Nx7izcFsaWrtLTOITQA6kOStpbspT63cGnJ/2aDZM/2YH7Xf:crFrZDd6ziVTOITQAOpT63cGnJ/WbJfx
Score

7^/10

adware discovery evasion stealer trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Drops desktop.ini file(s)
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoveryevasionstealertrojan

behavioral2

adwarediscoveryevasionstealertrojan

© 2018-2025

Terms | Privacy