92134d4e7dd2d09d8dd772fa966c486e5128b00b446a2f6ac04fbb17f19ec713

Sharing

Copy URL

Twitter E-mail

General

Target

15553c55b740f69e80584d0e52be253b_JaffaCakes118
Size

634KB
Sample

241004-3nc8baxcla
MD5

15553c55b740f69e80584d0e52be253b
SHA1

81fd1f6af3f6e65a87f99a950560a5e743603442
SHA256

92134d4e7dd2d09d8dd772fa966c486e5128b00b446a2f6ac04fbb17f19ec713
SHA512

6b1dff175d52bc501dffd9ca1c9b5d370f73968c2a48463b7fec9f95c02d7c4611c483914745f2c1f77d6954f17b52f87568bed8fb3ad8155dc5912aa510a284
SSDEEP

12288:NsaRG4GjeZHkwuPikQ7lKH5p5H9x1meZHkwu5iRQFlKd5pDCsQz7PYG:N1G4GjeZEXi37l6Br1meZExi2Fle7CbJ

Score

7^/10

Malware Config

Targets

- Target
  
  15553c55b740f69e80584d0e52be253b_JaffaCakes118
- Size
  
  634KB
- MD5
  
  15553c55b740f69e80584d0e52be253b
- SHA1
  
  81fd1f6af3f6e65a87f99a950560a5e743603442
- SHA256
  
  92134d4e7dd2d09d8dd772fa966c486e5128b00b446a2f6ac04fbb17f19ec713
- SHA512
  
  6b1dff175d52bc501dffd9ca1c9b5d370f73968c2a48463b7fec9f95c02d7c4611c483914745f2c1f77d6954f17b52f87568bed8fb3ad8155dc5912aa510a284
- SSDEEP
  
  12288:NsaRG4GjeZHkwuPikQ7lKH5p5H9x1meZHkwu5iRQFlKd5pDCsQz7PYG:N1G4GjeZEXi37l6Br1meZExi2Fle7CbJ
Score

7^/10

adware discovery spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/aminsis.dll
- Size
  
  559KB
- MD5
  
  51ba1095f0ae45a2d444bea506cb9ad4
- SHA1
  
  038a5d53d055a6d440bd2c8864c2f51db206c5e5
- SHA256
  
  b620091bf9973e807e12155d2247a6d233b5d13ec38c426675470ab4b26f0539
- SHA512
  
  f5fe2dd0f19bcaab47540ceedbec71f7f7c5b833c8772c097594c458e5f1101fe9feb849812b65c175055f71dfb13f11c4ad94fef42cd66f247413e453de3361
- SSDEEP
  
  12288:kbdmSvBuSrDWoN/8Z+iZz2ULoygI/htZw3EKwcxi0T8NGAmN:bSvBuSG7+iZz2ULoyXZzw3E2tT8UAmN
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  ffMediaWatchV1home146chaction.js
- Size
  
  829B
- MD5
  
  73740d82ee66479bd315910a3d81dad3
- SHA1
  
  b2697a681bc82343d4c92bd6f803753241972701
- SHA256
  
  06b703f67add2da0d33535dadc208cad198b011e5e105e5ae2a44e92e3e08434
- SHA512
  
  061fe4d81b573b31b8176587db6943f161bac9f18ef75bacc1bc7b788c3ba9b0aa73c6558b5cc1a32e74112d26b75ddd9f14e4a7e48316d411328b04e1d46ced
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  ff/chrome/content/ffMediaWatchV1home146.js
- Size
  
  744B
- MD5
  
  7295c04c625f5e5ff752f1bd05f44cb9
- SHA1
  
  305222d0b2cef1012890680b0f47ec8d4a9906a7
- SHA256
  
  b1fab04306309215d0b025b136ad2d55ae2db3c4da0e1a0638f8f50b8f8ff0f5
- SHA512
  
  8b667ad76afc6401b3ed9a7a54b6d14bffff0b32738a20bbade5dbb4b9c33e53c4bcb36dcaca5e7557075bf5e9f367a1f32c0b17bb142dcdb28b5c97bccff298
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  ff/chrome/content/ffMediaWatchV1home146ffaction.js
- Size
  
  674B
- MD5
  
  599f07e03993641d6fdab57f2485a8f8
- SHA1
  
  e6988d6f2b0dd52bc8484821926b7269875d1e9b
- SHA256
  
  bf4dd47a5c75ac2777b01106caa27e424e1a91a121e7eb4be173d4f4f2927af7
- SHA512
  
  27d0e6576025109f5da639b252f6096f679cdc24ac14b27b7380e61fed03e5f6d8e748b102c67880488a915fd949c426a8d314a006d6f3c02d638bd156dfeef9
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  ie/MediaWatchV1home146.dll
- Size
  
  85KB
- MD5
  
  4ec2d7e11d4a0e0f875fbf6c0d743c3c
- SHA1
  
  c163dfcd284ddb46d369057614508deef98c85b4
- SHA256
  
  72bd5dbe54f056f36b0b8499e5c703d96e4ea0c2c35048e026cd76317945245d
- SHA512
  
  1b38a325dab013614f50f18bc610f53f95caa4ff3164a64b5c6bc811d976b8211ff59aa3da4a3ba7af1d8a24d7e2819954813e67fc92792c7e64d2a7f26e559c
- SSDEEP
  
  1536:Kn/1CsEmkaMAvtahrOb8DktPoHA9glQx5SDF:u12mkaMAlahrOPoguax5Q
Score

6^/10

adware discovery stealer
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral11 behavioral12
- Target
  
  uninstall.exe
- Size
  
  285KB
- MD5
  
  9ce9ff618226d6c8b2cc7ae40cb3b8c8
- SHA1
  
  578f6587c81171238644782df75c08eccd583a7e
- SHA256
  
  5aa4baf7d42b23ad5e873ec6a2bda112a3b0a6fbb1b63817ec82a380a1158a6f
- SHA512
  
  cb4ffdf09bbf0713c4cb2aef07fc83e76bbf88709e7bdae00f3d39ce088f6f3d59ab47595335a1fab37bdf608239919e0fde5737dcf158ada88c9caf9f07d2d7
- SSDEEP
  
  6144:Ee34+1peZH+zpyuuz6GZkDOJ/7OafSH5KmrWym09x12:nDeZHkwuPikQ7lKH5p5H9x12
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/aminsis.dll
- Size
  
  559KB
- MD5
  
  51ba1095f0ae45a2d444bea506cb9ad4
- SHA1
  
  038a5d53d055a6d440bd2c8864c2f51db206c5e5
- SHA256
  
  b620091bf9973e807e12155d2247a6d233b5d13ec38c426675470ab4b26f0539
- SHA512
  
  f5fe2dd0f19bcaab47540ceedbec71f7f7c5b833c8772c097594c458e5f1101fe9feb849812b65c175055f71dfb13f11c4ad94fef42cd66f247413e453de3361
- SSDEEP
  
  12288:kbdmSvBuSrDWoN/8Z+iZz2ULoygI/htZw3EKwcxi0T8NGAmN:bSvBuSG7+iZz2ULoyXZzw3E2tT8UAmN
Score

3^/10

discovery
behavioral15 behavioral16