88eddad66d8c49e66b3fe2ce233ec6bb931e7efaa5f8c545cd7d88cbd63b9110 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

183b1cb9401a24ffa852fc2323726528_JaffaCakes118
Size

476KB
Sample

241006-qfnmvswajn
MD5

183b1cb9401a24ffa852fc2323726528
SHA1

4100263236e4460942bba4aa44b34e23c7247fcb
SHA256

88eddad66d8c49e66b3fe2ce233ec6bb931e7efaa5f8c545cd7d88cbd63b9110
SHA512

820cd0c0e27d38c2565da69c129b0a1f68c6faab909d30d92c033732d68bc5a7c3ee44fe7d8a366408fab5b5bc0eb2e43d563f4ab86c20aedf6c995dca8e948b
SSDEEP

12288:mm8L5EpHmmGbXs8CrjGZ/XH+IlJQ0dYliFeFw8RPo6VA:mmamxLMXs8CP6/XH+z05ERPdG

Score

6^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  183b1cb9401a24ffa852fc2323726528_JaffaCakes118
- Size
  
  476KB
- MD5
  
  183b1cb9401a24ffa852fc2323726528
- SHA1
  
  4100263236e4460942bba4aa44b34e23c7247fcb
- SHA256
  
  88eddad66d8c49e66b3fe2ce233ec6bb931e7efaa5f8c545cd7d88cbd63b9110
- SHA512
  
  820cd0c0e27d38c2565da69c129b0a1f68c6faab909d30d92c033732d68bc5a7c3ee44fe7d8a366408fab5b5bc0eb2e43d563f4ab86c20aedf6c995dca8e948b
- SSDEEP
  
  12288:mm8L5EpHmmGbXs8CrjGZ/XH+IlJQ0dYliFeFw8RPo6VA:mmamxLMXs8CP6/XH+z05ERPdG
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  14KB
- MD5
  
  0dc0cc7a6d9db685bf05a7e5f3ea4781
- SHA1
  
  5d8b6268eeec9d8d904bc9d988a4b588b392213f
- SHA256
  
  8e287326f1cdd5ef2dcd7a72537c68cbe4299ceb1f820707c5820f3aa6d8206c
- SHA512
  
  814dd17ebb434f4a3356f716c783ab7f569f9ee34ce5274fa50392526925f044798f8006198ac7afe3d1c2ca83a2ca8c472ca53fec5f12bbfbbe0707abacd6b0
- SSDEEP
  
  192:n6d+dHXLHQOPiY53uiUdigyU+WsPdc/A1A+2jPK72dwF7dBEnbok:n6UdHXcIiY535zBt2jP+BEnbo
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/System.dll
- Size
  
  11KB
- MD5
  
  00a0194c20ee912257df53bfe258ee4a
- SHA1
  
  d7b4e319bc5119024690dc8230b9cc919b1b86b2
- SHA256
  
  dc4da2ccadb11099076926b02764b2b44ad8f97cd32337421a4cc21a3f5448f3
- SHA512
  
  3b38a2c17996c3b77ebf7b858a6c37415615e756792132878d8eddbd13cb06710b7da0e8b58104768f8e475fc93e8b44b3b1ab6f70ddf52edee111aaf5ef5667
- SSDEEP
  
  192:7DKnJZCv6VmbJQC+tFiUdK7ckD4gRXKQx+LQ2CSF:7ViJrtFRdbmXK8+PCw
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PROGRAMFILES/winguard/wgblock.dll
- Size
  
  216KB
- MD5
  
  8f2acc17aa7b217130ba3bb39335e93f
- SHA1
  
  f2f269c7975e30a395c66ea17f572d0e648855fa
- SHA256
  
  903c057cdded367f032dc9b27cbb89f1748220968df6dc43b7dd623e6955fd96
- SHA512
  
  ad17ebcf997742393a612cb852abbccb7e9e4640877a4142eb282348fa45be0e3a3d747c6dc5be50f3176c49b6334c2fe828d478f7f31ffd0adc77069347e9bb
- SSDEEP
  
  3072:kMqRMebRaOFNyc3lo4fNUg49iCF0USaYPPo3p1slFtQ:kMFsRaOFV3lo4lG9iC5RTZ
Score

6^/10

adware discovery stealer
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral7 behavioral8
- Target
  
  $PROGRAMFILES/winguard/wgclean.dll
- Size
  
  18KB
- MD5
  
  c20de966a646406f436db958e721b85f
- SHA1
  
  78cc7ec5e4a57fa93ef9463a2aadb81a362fa8b6
- SHA256
  
  aea2c3a716a5b058bd0fd07e0c46dc9a9625c26b09b2ae8b57d1e3d37e5d0f9f
- SHA512
  
  76ebb2f3d1dabe9a556852f70f9b54fcbf291bf974e5e0c5db84b4d3bf62407db5124384ea997c89b02316ad2eff3a925205b1915f22def5275ec8b180fb7b52
- SSDEEP
  
  384:5TtD188qMyfdsEhpaufWpEi/0BqVZWcPfXswek8sD7DI:dtD188qNSEZfYJ8wZWcHcweiD7DI
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PROGRAMFILES/winguard/winguard.exe
- Size
  
  692KB
- MD5
  
  b700c89711b30e90e2f76b0007d56208
- SHA1
  
  60950ca9776ca55bf0a02692e93fbf6d066e2f12
- SHA256
  
  598c540febd9958c8bebbbc29d0331a8735d0d9058141c872dfa3d2588b44476
- SHA512
  
  cf0b8d66f767cc201495d85c95b046baf11dda86511120a2785503bcc3a0d33bf9d928bb1bd19488726b9a76e8e46491e1f013e821376f04e14c11d9c7128923
- SSDEEP
  
  12288:7qAOVI+/tAUv7GTURRNV1admlPlzNrZ5iZ9gGMC5ReiElki:23CEtRRN3admPkZ9o+wWi
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PROGRAMFILES/winguard/winguardup.exe
- Size
  
  196KB
- MD5
  
  bccbadf2904d35f7ca10e7b76f965ddf
- SHA1
  
  074cc113f68fdbc306ee85f9c3137143abbac851
- SHA256
  
  66745ad23e3025eb03176a08c1810acc14e50446231064b67c9a1cb904401efe
- SHA512
  
  16d6d8ebe570d539f9c5e39ebe1c1f27bbd3d04445699d39ccb70063b64af27a6e6e34289ca4db15f98c595842124041cbb4a2a8f4366be84a4cf3509f8772b9
- SSDEEP
  
  3072:ie2lIX6EP1NGCy50Mq8o4fNUg49iCF0USaYGQfZxGnd8q:l2IX6q1NCKf8o4lG9iC5RFQRxGd8
Score

3^/10

discovery
behavioral13 behavioral14

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

adwarediscoverystealer

behavioral8

adwarediscoverystealer

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14