37a9e383f3c4374c2d1d93036e5fb14fc8e18112a888580d2165c0619b3f4a0d

Sharing

Copy URL

Twitter E-mail

General

Target

f03de4eb3fe357252988d27cfdfcea8a_JaffaCakes118
Size

439KB
Sample

240921-vgztqstcll
MD5

f03de4eb3fe357252988d27cfdfcea8a
SHA1

de6c1e6602dd6fa8ae3838b3bb945c5dd14fe76d
SHA256

37a9e383f3c4374c2d1d93036e5fb14fc8e18112a888580d2165c0619b3f4a0d
SHA512

68a651543d6a1adb76ddd54e7e6a5047b94c6666e848f56ead880a142b2401c4505cc10b12e4de08d0cfd3c1a626f5a949b9a1d8b10a76eeac7f27d294815f08
SSDEEP

12288:6xBrte102j3bdINgI/RMqIzyZlHNdJtdPQ5meaqC54:67r2hQp/DOy35tdP3exCy

Score

7^/10

Malware Config

Targets

- Target
  
  f03de4eb3fe357252988d27cfdfcea8a_JaffaCakes118
- Size
  
  439KB
- MD5
  
  f03de4eb3fe357252988d27cfdfcea8a
- SHA1
  
  de6c1e6602dd6fa8ae3838b3bb945c5dd14fe76d
- SHA256
  
  37a9e383f3c4374c2d1d93036e5fb14fc8e18112a888580d2165c0619b3f4a0d
- SHA512
  
  68a651543d6a1adb76ddd54e7e6a5047b94c6666e848f56ead880a142b2401c4505cc10b12e4de08d0cfd3c1a626f5a949b9a1d8b10a76eeac7f27d294815f08
- SSDEEP
  
  12288:6xBrte102j3bdINgI/RMqIzyZlHNdJtdPQ5meaqC54:67r2hQp/DOy35tdP3exCy
Score

7^/10

adware discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  c17103ae9072a06da581dec998343fc1
- SHA1
  
  b72148c6bdfaada8b8c3f950e610ee7cf1da1f8d
- SHA256
  
  dc58d8ad81cacb0c1ed72e33bff8f23ea40b5252b5bb55d393a0903e6819ae2f
- SHA512
  
  d32a71aaef18e993f28096d536e41c4d016850721b31171513ce28bbd805a54fd290b7c3e9d935f72e676a1acfb4f0dcc89d95040a0dd29f2b6975855c18986f
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/UAC.dll
- Size
  
  17KB
- MD5
  
  88ad3fd90fc52ac3ee0441a38400a384
- SHA1
  
  08bc9e1f5951b54126b5c3c769e3eaed42f3d10b
- SHA256
  
  e58884695378cf02715373928bb8ade270baf03144369463f505c3b3808cbc42
- SHA512
  
  359496f571e6fa2ec4c5ab5bd1d35d1330586f624228713ae55c65a69e07d8623022ef54337c22c3aab558a9b74d9977c8436f5fea4194899d9ef3ffd74e7dbb
- SSDEEP
  
  384:59TzaeW+WyB8c7LX+OGkrwWvVrkUiEMAWm5nskAvXkq:5ZaB+W62Mr5vGUiEum5sk
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/inetc.dll
- Size
  
  20KB
- MD5
  
  4c01fdfd2b57b32046b3b3635a4f4df8
- SHA1
  
  e0af8e418cbe2b2783b5de93279a3b5dcb73490e
- SHA256
  
  b98e21645910f82b328f30c644b86c112969b42697e797671647b09eb40ad014
- SHA512
  
  cbd354536e2a970d31ba69024208673b1dc56603ad604ff17c5840b4371958fc22bafd90040ae3fb19ae9c248b2cfce08d0bc73cc93481f02c73b86dbc0697b2
- SSDEEP
  
  384:rJBJ8VnX8K+uKn2WQJdxbs3aEUhU7ya4L60Ac9khYLMkIX0+GwNyEAG:3J8+K+uK2WQJdxbsqEUhUua4L6AG
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  chrome/content/browserevents.js
- Size
  
  4KB
- MD5
  
  96cffb3122dd86e977dd746f569666c0
- SHA1
  
  a01260d7c7ee249d894f1a1d45299864b2108f3a
- SHA256
  
  f0e01c750e0cff8de199ed2da86af8d5ea7893a7de59b7373282c92417288e7b
- SHA512
  
  4badcc558e4a9e676a670762e1248c270e8087405365b0c2325c29b1e7e00a46e0161ddb548fbea8e69d6cf3205b4dc88c13f7c6772305aab95276f846f73849
- SSDEEP
  
  48:sNdJKLYKLt8CMKptqVvoNOzVJRmGbZOqzS3EWEpRo46l6QtUrJGlJ+KlXcoCVYED:sLJQYQxL7WFTRDnB6ltJ+KCnomD18a7
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  chrome/content/configuration.js
- Size
  
  8KB
- MD5
  
  c290e5c047ff7f4331d27c83b757a98a
- SHA1
  
  cf9efe0ead17cd7f284436fd386eee7c1c46fd6d
- SHA256
  
  d02412266c27229c603f7a6e1f97456bb7e5b9f9da9e284f7810edf04b413de4
- SHA512
  
  105e74a4756ffe13159c1f34a7aa01358198af7b46765159a45918ebce73de8ba8573c9a43c7a6d6d4fd6f09214227dc7ac497c90e8df1619ad029fdf64a917b
- SSDEEP
  
  96:LRhNr6IwgnSFSpqKdWt3iepF0cmI8U/4dWx:dhJ6AnSFSpqKk3ieptpF/4c
Score

3^/10

execution
behavioral11 behavioral12
- Target
  
  chrome/content/consts.js
- Size
  
  1KB
- MD5
  
  92ee884221215a25bd01defabd089955
- SHA1
  
  dcb4bc4ef55d76a156c45ab5982ea615f3f98157
- SHA256
  
  954ea39b5fffd33b9a7f532df4b174b7bb93a862a319fe5bac593af9d48f28cd
- SHA512
  
  49a63554dd766f468d863bc758e069ef0f5521c6d4cd1d758faa7d1d158aef28bf8ee52f3c411645395eee926094b765f8a449b5a82ec60c489bce331f7768f1
Score

3^/10

execution
behavioral13 behavioral14
- Target
  
  chrome/content/diagnostics.js
- Size
  
  1KB
- MD5
  
  bbb53533b7cec2039b2b33b98e7e87fd
- SHA1
  
  f14512f9b397bdb4202d39acf5959ca056389970
- SHA256
  
  93ce6427de950a599d0475d33ac9c42610613f434a3d3706cff634ef7654ac8a
- SHA512
  
  bf484d7cd7b23ac99419f80ccf51464561fff3cdddd3bb2a3549b37e9c54f3bbd76499bc65a4328e48b5698258fc6207cb7d393561b12b078f798f9b5d1d829b
Score

3^/10

execution
behavioral15 behavioral16
- Target
  
  chrome/content/jquery-1.4.4.min.js
- Size
  
  76KB
- MD5
  
  b76fc63a9c3fc4293fb90990818dd100
- SHA1
  
  7d591c32b44e66c2b1aadec2dd0d1e2f88a5bb3a
- SHA256
  
  48d685402b465594e6ec567be7f1cddcedadc9b6721f5eed1ffe7555c15ef0dc
- SHA512
  
  8694c0da19bb9586b3a9ea8a791978a3dba3f4edc397a058fde91ff1a863432b039ead2e3b3758c10581da93ad1ced52a334de57b38a6e7e935ad9798075f473
- SSDEEP
  
  1536:KqlVunnadmaVWfGx7SD/7VBfuwNPY9TV6k+tly3p40CSoPjCAl6jHkA4x9K:KQQadLy7aVCSojlakA4x9K
Score

3^/10

execution
behavioral17 behavioral18
- Target
  
  chrome/content/main.js
- Size
  
  7KB
- MD5
  
  b021e21578f88ac2b97e572d79a514b0
- SHA1
  
  6d12cdc2e253623fbe98328515db4a5ee9bac09d
- SHA256
  
  29926a73b296fac2849cc9b72b133de4dc211bd48aeae230b2372390c8b601f7
- SHA512
  
  5ccbbe3b0242353383b9ff3fc896918d1886b3988b94801d7deb877e2aa0bb87de59487607192819961a665981b62fe31995b0b4f5c28b72190a21ea9b4c91ff
- SSDEEP
  
  96:T1eavIXyarDKyBa3PKUd2yp0YBFaCRqi9JIi3cXGuV:RTvICa6yMrnNYijgGuV
Score

3^/10

execution
behavioral19 behavioral20
- Target
  
  chrome/content/request.js
- Size
  
  9KB
- MD5
  
  7a451346dc1b04a834f4d0240ac078b6
- SHA1
  
  8a118ae53803dfef5f51a8c3faea8b73d50e1ecc
- SHA256
  
  3e38b24382fc980c99c9aa4a2c033ed4e267d344fd6f1894e7bb2418d28bc8e7
- SHA512
  
  f000775113256b0e6d7bd3d10ced1f5bb9cfc5277073e610c2bb38ab355bd24f52de6bcbb0d3185b7a08ce72e38068fd81dee6dab5d44e57d13bbfcfc04d5faa
- SSDEEP
  
  96:hPCgUuMD8geKUofooHKH8odI0ydG8qoILoxKGOkcGFqYVOaCG/qYXjR48nCzIGzA:hqvuMD8glwIq/q+z83AkRYaDXtj
Score

3^/10

execution
behavioral21 behavioral22
- Target
  
  chrome/content/script.js
- Size
  
  15KB
- MD5
  
  d7bb071a799c196eaeabdb623a948cb6
- SHA1
  
  7dc56f2b20b4a09ed326595cee79ead3836b7b45
- SHA256
  
  9c56d28e1ed0473aa2a8078ff64f9b2a9e105ba3847e5b7636bd09e39e829356
- SHA512
  
  e78aae4f9bef8b9716bd9460190b9aa573e5678275af1df362039612bedc1ccc053c56db02a24612bf649821775de2dbcecc25691b2035afa99c6b3a8693a7e1
- SSDEEP
  
  384:ZfzbFV2KYuFf4hLm2a4Ol/nrVBOFXf3V+47Hb1bjG:NT2IkZ8r+FXc47Hb1bjG
Score

3^/10

execution
behavioral23 behavioral24
- Target
  
  chrome/content/stats.js
- Size
  
  3KB
- MD5
  
  999a61e890d4521734855f2bd03a3ed2
- SHA1
  
  707f0ec7baa4a464ad5f2fed00a15478d086a567
- SHA256
  
  e1b27b238d6df4427164ba737d0388e7a49aed24b036624693c074dd8fa83dd3
- SHA512
  
  371fa5420b9e8184afa047b3a005eabcbe59ce7dd155a3df8048d155b31dc3009eab51381c523cdc7c49820badf6ccfbbcc6c0df5328ca096678bfaeaa9b1c08
Score

3^/10

execution
behavioral25 behavioral26
- Target
  
  chrome/content/storage.js
- Size
  
  15KB
- MD5
  
  a92f58a0d8ab6e87c99d9f1add414e9d
- SHA1
  
  11edcd6b9953a37c10acfa6371390c98199f7311
- SHA256
  
  79551f543bb6c6fa159c4aad316eae03abfc3fab553b0ff5d4a0c40ac014fc79
- SHA512
  
  5256a27f4f9101ae6cb6749025e3910121dd5410ae83e38911f647a814a545d4d87f65a98f68a63ac1a30b95d52eefdc487192bee72b8254287f000007d9629a
- SSDEEP
  
  192:QYGUFDdStwK6TxCKejMSfdSLbK+cR/QC5opKS+sD+FRcblY9P7:Btx1b9IQCqYd
Score

3^/10

execution
behavioral27 behavioral28
- Target
  
  appprepend.js
- Size
  
  353B
- MD5
  
  9adce7189c584e7ecfb11706e4253c9c
- SHA1
  
  cdd12424ffe59378d4f9bbefb1b597d15f8dada3
- SHA256
  
  3a850d104cb5ffe402a5dfc6adb39de4ba27a6ff9a8009f00df11e19858d739a
- SHA512
  
  2cc641e974d591e2b17eb43cbd41455fb546fac75d78cfe3605dea0d23a9ecef4b4dab7c3bcde096c7392cbc83efb355187c48937fbe32fdc4b696f11db378a3
Score

3^/10

execution
behavioral29 behavioral30
- Target
  
  background.html
- Size
  
  784B
- MD5
  
  ba82642d3a033b95c4d7f324d84ed104
- SHA1
  
  ad203efafb9557a1aaa22516861d534ce19f6c4b
- SHA256
  
  ecbce9e835208efb2a55549d2b009924940e4c3300933d9f3ad0502f8b9601f2
- SHA512
  
  a7f3d802d2ea87ca84dabe45a69dd21230c8f4760970e4c4c8350765488f6e838bcb411239a85196589106d3adbdd167d4bca53d04409d8a5adfc01eac79265f
Score

3^/10

discovery
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

T1059

JavaScript

T1059.007

Persistence

Browser Extensions

T1176

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Loads dropped DLL

Reads user/profile data of web browsers

Checks installed software on the system

Installs/modifies Browser Helper Object

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

behavioral32