5ed927cc66c28ba406b5a78032356ffdd48c433253dfde6643acde302e255dd2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1552e7f7d01b23e8479080fe021645c2_JaffaCakes118
Size

551KB
Sample

241004-3lb78ssfjl
MD5

1552e7f7d01b23e8479080fe021645c2
SHA1

42073fa182e21a5da7076a26e126d9cc6d4444de
SHA256

5ed927cc66c28ba406b5a78032356ffdd48c433253dfde6643acde302e255dd2
SHA512

5fd0e1f527fd4c751df5eac54874ee096b1ae031707a7532ce89bb94ecfeb2856ce0b230784d89cec6270766068a865d559f1107b11b6a028097168b2f5b6ef0
SSDEEP

12288:h1OgLdaOQgbJuMmFcouJqkXWctn+MEfOg:h1OYdaOQgJHJJqkXtMOg

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  1552e7f7d01b23e8479080fe021645c2_JaffaCakes118
- Size
  
  551KB
- MD5
  
  1552e7f7d01b23e8479080fe021645c2
- SHA1
  
  42073fa182e21a5da7076a26e126d9cc6d4444de
- SHA256
  
  5ed927cc66c28ba406b5a78032356ffdd48c433253dfde6643acde302e255dd2
- SHA512
  
  5fd0e1f527fd4c751df5eac54874ee096b1ae031707a7532ce89bb94ecfeb2856ce0b230784d89cec6270766068a865d559f1107b11b6a028097168b2f5b6ef0
- SSDEEP
  
  12288:h1OgLdaOQgbJuMmFcouJqkXWctn+MEfOg:h1OYdaOQgJHJJqkXtMOg
Score

7^/10

adware discovery stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer