cef4173afc01d70c99818a3a6099a1ebe939ee5b39a3c92b149a659b300e23b4 | Triage

Sharing

General

Target

3110063a4d08b9c8f873fc641dd9fd8d_JaffaCakes118
Size

65KB
Sample

241010-vxvvqaxcqc
MD5

3110063a4d08b9c8f873fc641dd9fd8d
SHA1

b75ed6a779b8ff34bc00030c886ec01e4081f27c
SHA256

cef4173afc01d70c99818a3a6099a1ebe939ee5b39a3c92b149a659b300e23b4
SHA512

d060e4859c96046e92cbd472d8572d788d222a4b9934f4cc052f658aa936aef4607abff4903014b088df785be1759dbabe172cfb8bf0aade509298865da0eebc
SSDEEP

1536:o4rlcp+YIfbhkuGP5bM6gqC7KnBwvtpcyDxFtwk:o4YI1kuGPcx7sBCoyDzik

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  3110063a4d08b9c8f873fc641dd9fd8d_JaffaCakes118
- Size
  
  65KB
- MD5
  
  3110063a4d08b9c8f873fc641dd9fd8d
- SHA1
  
  b75ed6a779b8ff34bc00030c886ec01e4081f27c
- SHA256
  
  cef4173afc01d70c99818a3a6099a1ebe939ee5b39a3c92b149a659b300e23b4
- SHA512
  
  d060e4859c96046e92cbd472d8572d788d222a4b9934f4cc052f658aa936aef4607abff4903014b088df785be1759dbabe172cfb8bf0aade509298865da0eebc
- SSDEEP
  
  1536:o4rlcp+YIfbhkuGP5bM6gqC7KnBwvtpcyDxFtwk:o4YI1kuGPcx7sBCoyDzik
Score

7^/10

adware discovery stealer
- Deletes itself
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2