c07d18108dc5ef2b11e2ca9e19f73aa128cd6c0bc3350c7c9c6eacfb6a574567 | Triage

Sharing

General

Target

2a36c6271f60930d4f69721f53a734aa_JaffaCakes118
Size

52KB
Sample

241009-eaxg2asbqn
MD5

2a36c6271f60930d4f69721f53a734aa
SHA1

ad26019bca2882054964d5049549023e27ce40ce
SHA256

c07d18108dc5ef2b11e2ca9e19f73aa128cd6c0bc3350c7c9c6eacfb6a574567
SHA512

3e7c0536bebbc107047570be74651c0b2c8c093bf86476dbdb3e6d816aa5ef209a1d87ecb75c18e8c68575b51da29f0375f2e1ee9d68cda87dac06200406bf7f
SSDEEP

768:MC2YHgbHSeosNReAi3W3ZZYARllqD7mPocl/4F8DEYG2EEz3z1Yd6zCItGJh0MBs:MGHqSXgzJJ2CP/l/bn7j1YszCz0fZJ

Score

8^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  2a36c6271f60930d4f69721f53a734aa_JaffaCakes118
- Size
  
  52KB
- MD5
  
  2a36c6271f60930d4f69721f53a734aa
- SHA1
  
  ad26019bca2882054964d5049549023e27ce40ce
- SHA256
  
  c07d18108dc5ef2b11e2ca9e19f73aa128cd6c0bc3350c7c9c6eacfb6a574567
- SHA512
  
  3e7c0536bebbc107047570be74651c0b2c8c093bf86476dbdb3e6d816aa5ef209a1d87ecb75c18e8c68575b51da29f0375f2e1ee9d68cda87dac06200406bf7f
- SSDEEP
  
  768:MC2YHgbHSeosNReAi3W3ZZYARllqD7mPocl/4F8DEYG2EEz3z1Yd6zCItGJh0MBs:MGHqSXgzJJ2CP/l/bn7j1YszCz0fZJ
Score

8^/10

adware discovery stealer
- Blocklisted process makes network request
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer