53352c6149c875d291aaafae050ad4349e2df3dd63ba3334e8c74432c8e021a7 | Triage

Sharing

General

Target

0842a08c32898f166958e377ab1f67e9_JaffaCakes118
Size

1.1MB
Sample

241002-bw5trazhkj
MD5

0842a08c32898f166958e377ab1f67e9
SHA1

7ae976f8ad02356faeb1dababb4313a6b9a55872
SHA256

53352c6149c875d291aaafae050ad4349e2df3dd63ba3334e8c74432c8e021a7
SHA512

393d54e445731878ca1481856e5ca9c35fdeae5259611fce323486e146877f7db29cb618817800e0f2c62636a287ff5d59514fe24e36791ada2da89ff6bf77bc
SSDEEP

24576:h1OYdaO0OBsFEt5hDG0SAMs9jR/jaJnTJdwY68+UhnWb3aQ+:h1OsROEt5hDG0SAMs9j8nTJ2Y68hWGQ+

Score

7^/10

adware discovery spyware stealer

Malware Config

Targets

- Target
  
  0842a08c32898f166958e377ab1f67e9_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  0842a08c32898f166958e377ab1f67e9
- SHA1
  
  7ae976f8ad02356faeb1dababb4313a6b9a55872
- SHA256
  
  53352c6149c875d291aaafae050ad4349e2df3dd63ba3334e8c74432c8e021a7
- SHA512
  
  393d54e445731878ca1481856e5ca9c35fdeae5259611fce323486e146877f7db29cb618817800e0f2c62636a287ff5d59514fe24e36791ada2da89ff6bf77bc
- SSDEEP
  
  24576:h1OYdaO0OBsFEt5hDG0SAMs9jR/jaJnTJdwY68+UhnWb3aQ+:h1OsROEt5hDG0SAMs9j8nTJ2Y68hWGQ+
Score

7^/10

adware discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials from Password Stores

Credentials from Web Browsers

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

adwarediscoveryspywarestealer