35ae6848c61a63e3087e41f0f26dec377f80d2348385d83318dc87299d253b2d | Triage

Sharing

General

Target

2fa5bd8c33d85d06716b95f183744e61_JaffaCakes118
Size

502KB
Sample

241009-mqmxjavgld
MD5

2fa5bd8c33d85d06716b95f183744e61
SHA1

95eb640bf8b1f885af35c026118f7d44aab0bcb4
SHA256

35ae6848c61a63e3087e41f0f26dec377f80d2348385d83318dc87299d253b2d
SHA512

38772447484fed579ed0f124a79a3539a1d19ae007584f91b7a86a948e5f9bce21c2f5843e7be6e9d709c1ad8d23bb79a935fad2cbe8dabbfc7be50f5cbcd93f
SSDEEP

12288:WGeC05T/BEF4mxBr4brIlScSHomRM2uPy+mkSdST6HTPMRn5:8CaT/BDi+N7ZuP5v6HUn5

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  2fa5bd8c33d85d06716b95f183744e61_JaffaCakes118
- Size
  
  502KB
- MD5
  
  2fa5bd8c33d85d06716b95f183744e61
- SHA1
  
  95eb640bf8b1f885af35c026118f7d44aab0bcb4
- SHA256
  
  35ae6848c61a63e3087e41f0f26dec377f80d2348385d83318dc87299d253b2d
- SHA512
  
  38772447484fed579ed0f124a79a3539a1d19ae007584f91b7a86a948e5f9bce21c2f5843e7be6e9d709c1ad8d23bb79a935fad2cbe8dabbfc7be50f5cbcd93f
- SSDEEP
  
  12288:WGeC05T/BEF4mxBr4brIlScSHomRM2uPy+mkSdST6HTPMRn5:8CaT/BDi+N7ZuP5v6HUn5
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2
- Target
  
  /tbu04648/tbhelper.dll
- Size
  
  372KB
- MD5
  
  87503cf652a007ccbff38d5b370e94ec
- SHA1
  
  141f20a4fd5bd549eb7dcfe0fca0918ca65d4bf5
- SHA256
  
  cc1ae922b46a94e3af01d79ce9e38b0f97482351150fab7e384b62d0d646479a
- SHA512
  
  9c806981911697e32840cd9ed42eb65accf024d74f304cad8b1951b1214145597cfd98f75038abdb4db53fdd726256cc697ae576cec0247b29811df943e36bc3
- SSDEEP
  
  6144:Z36jtdr0ZaZuONAmetiqgc+bVAVKT9ubxij6kenmM3S:ZE/QZaZuON9etirc+bVAgT9uNHHnmM
Score

1^/10
behavioral3 behavioral4
- Target
  
  /tbu04648/urlfreeze.dll
- Size
  
  1.2MB
- MD5
  
  18119d058f699d165ddf4b8e79e35494
- SHA1
  
  b40b9d7743e99ad78570c40a55133e24efc6aee2
- SHA256
  
  d9ef9c53ca7466bf5007601ea002dbcd2d095e34474da64e6b4c4079d3dc93eb
- SHA512
  
  497c3f5ed6790ad47e9564d9a943a07ab0d54d016487b8a4b1cd4c405f66b73fa2936c7c5defb9a04b89f636b658793f2abb91c8e299917ce52daabfdd0841bd
- SSDEEP
  
  24576:STvUrrc1kL01qlOEcdnvRuvt0uKWQM2YFF:SQ2kd8bvsmuKWQ9Y
Score

1^/10
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer

behavioral3

behavioral4

behavioral5

behavioral6