c138cb7ac374963c3d4cedc5964e2d93ff34491c951107d7079aa1472ede2aae | Triage

Submit
Reports

Overview

overview

7

Static

static

3

15ed1604d4...18.exe

windows7-x64

7

15ed1604d4...18.exe

windows10-2004-x64

7

Sharing

General

Target

15ed1604d4e53d9efea6b9db60442816_JaffaCakes118
Size

118KB
Sample

241005-dnaprawema
MD5

15ed1604d4e53d9efea6b9db60442816
SHA1

200ce47825c630b323e4ba071593be271e52b95c
SHA256

c138cb7ac374963c3d4cedc5964e2d93ff34491c951107d7079aa1472ede2aae
SHA512

5d1353753c765047d1d5ca9bcbe481542e6dc150162b929232d48777583969cb73301f91c5990884d65e3e0c225c2d7f8c18fdcacb8a3d3b24626d081050d5e1
SSDEEP

768:Vsi0NnqrjIcGA+9H5MQO7BUdLOyOLm/Cb5vTOc74Hpyfogpty2uhNqFeTCKp0JGh:VZHIcz+j0W2QA5v974JyZuCTJrv3BMe

Score

7^/10

adware discovery evasion stealer trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

15ed1604d4e53d9efea6b9db60442816_JaffaCakes118.exe

Resource

win7-20240903-en

adware discovery evasion stealer trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

15ed1604d4e53d9efea6b9db60442816_JaffaCakes118.exe

Resource

win10v2004-20240802-en

adware discovery evasion stealer trojan

windows10-2004-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  15ed1604d4e53d9efea6b9db60442816_JaffaCakes118
- Size
  
  118KB
- MD5
  
  15ed1604d4e53d9efea6b9db60442816
- SHA1
  
  200ce47825c630b323e4ba071593be271e52b95c
- SHA256
  
  c138cb7ac374963c3d4cedc5964e2d93ff34491c951107d7079aa1472ede2aae
- SHA512
  
  5d1353753c765047d1d5ca9bcbe481542e6dc150162b929232d48777583969cb73301f91c5990884d65e3e0c225c2d7f8c18fdcacb8a3d3b24626d081050d5e1
- SSDEEP
  
  768:Vsi0NnqrjIcGA+9H5MQO7BUdLOyOLm/Cb5vTOc74Hpyfogpty2uhNqFeTCKp0JGh:VZHIcz+j0W2QA5v974JyZuCTJrv3BMe
Score

7^/10

adware discovery evasion stealer trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Drops desktop.ini file(s)
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoveryevasionstealertrojan

behavioral2

adwarediscoveryevasionstealertrojan

© 2018-2025

Terms | Privacy