3f3fb954b50468dd4f5e72f367fde92071d80856984c6b7ef0a2d0bd9ae37048

Sharing

Copy URL

Twitter E-mail

General

Target

422d53487a53519e8a5c8a009a138903_JaffaCakes118
Size

634KB
Sample

241013-1c92sstfpl
MD5

422d53487a53519e8a5c8a009a138903
SHA1

2bc2ce22c4031ff3ddfce294d2829523addb5a8f
SHA256

3f3fb954b50468dd4f5e72f367fde92071d80856984c6b7ef0a2d0bd9ae37048
SHA512

cd7fabc180c1f4872bd0b916a75bd4e3146d206d5f2f1175666d998d8698569892d5f03726ab8e63b2a67d2232621aa267d6b842c24412417808c87082418ef5
SSDEEP

12288:z/UO7sCKG4GjeZHkwuPikQ7lKH5p5H9x1GeZHkwuTiBQVlKz5p9xl/lfV:zcO7LKG4GjeZEXi37l6Br1GeZELiGVlc

Score

7^/10

Malware Config

Targets

- Target
  
  422d53487a53519e8a5c8a009a138903_JaffaCakes118
- Size
  
  634KB
- MD5
  
  422d53487a53519e8a5c8a009a138903
- SHA1
  
  2bc2ce22c4031ff3ddfce294d2829523addb5a8f
- SHA256
  
  3f3fb954b50468dd4f5e72f367fde92071d80856984c6b7ef0a2d0bd9ae37048
- SHA512
  
  cd7fabc180c1f4872bd0b916a75bd4e3146d206d5f2f1175666d998d8698569892d5f03726ab8e63b2a67d2232621aa267d6b842c24412417808c87082418ef5
- SSDEEP
  
  12288:z/UO7sCKG4GjeZHkwuPikQ7lKH5p5H9x1GeZHkwuTiBQVlKz5p9xl/lfV:zcO7LKG4GjeZEXi37l6Br1GeZELiGVlc
Score

7^/10

adware discovery spyware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/aminsis.dll
- Size
  
  559KB
- MD5
  
  51ba1095f0ae45a2d444bea506cb9ad4
- SHA1
  
  038a5d53d055a6d440bd2c8864c2f51db206c5e5
- SHA256
  
  b620091bf9973e807e12155d2247a6d233b5d13ec38c426675470ab4b26f0539
- SHA512
  
  f5fe2dd0f19bcaab47540ceedbec71f7f7c5b833c8772c097594c458e5f1101fe9feb849812b65c175055f71dfb13f11c4ad94fef42cd66f247413e453de3361
- SSDEEP
  
  12288:kbdmSvBuSrDWoN/8Z+iZz2ULoygI/htZw3EKwcxi0T8NGAmN:bSvBuSG7+iZz2ULoyXZzw3E2tT8UAmN
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  ffMediaWatchV1home999chaction.js
- Size
  
  829B
- MD5
  
  69b8dc1c8c5c8af300c5cf1ee9747a47
- SHA1
  
  5bfb9d028b13e16351ce6f835c301602f56f2bd4
- SHA256
  
  8eab968fa9441949848132d81395f5e7ec6446b9039cbc56b2a6552b640c6810
- SHA512
  
  03d1dcd67d0c617c48b3aaa98f3688271c908f483237e47c6356fa7ced79002932e7cd581dd9f3a3522ffdf1ff6e1bc26052456120ed619ffb29300c4f95c2b5
Score

3^/10

execution
behavioral5 behavioral6
- Target
  
  ff/chrome/content/ffMediaWatchV1home999.js
- Size
  
  744B
- MD5
  
  a6485b922bb8ef7baf31df768ba242c8
- SHA1
  
  f3c418ab7ab5ded1605a0a4149ec3d196e388f49
- SHA256
  
  9f55cd9cbe19ab6e037620877da81eff22e0c76404fef64159efb3d7e7ddbb3f
- SHA512
  
  e830528773918319ff65c5431b01f0b2592cf5c6951e7d197310a7a68ceaac59f327f4e0c49a9233f548110d7dace60b281329bd364a479fabc4830c296845e7
Score

3^/10

execution
behavioral7 behavioral8
- Target
  
  ff/chrome/content/ffMediaWatchV1home999ffaction.js
- Size
  
  674B
- MD5
  
  980250b7980bdaf0a0cd23800d3bc501
- SHA1
  
  120bf18b73eae12ebf619d7e09c203b62e7d64bb
- SHA256
  
  12af9f5d2e5e58f7be40274076e440d6be02dbee09bb7e7fc6e9b6feb0d1a638
- SHA512
  
  9f0699ce75d87068910440ed159faeccdbed2fa9a05645eadc74ec0cd4f237d617529be234f0b05c4be4467c75729472e10caaa2b237232146095ee0d2c827a7
Score

3^/10

execution
behavioral10 behavioral9
- Target
  
  ie/MediaWatchV1home999.dll
- Size
  
  85KB
- MD5
  
  89b7307d9eaabbfe7f721ef34747035d
- SHA1
  
  ed97025ff3c13c686fdc6a5dd11b62d140aa31ca
- SHA256
  
  e907621c97d9bd0d60b9aaf1fe872b5ce094ac1f36c83dfa65de87bb128ad70b
- SHA512
  
  75b289768551b8104ee8cce61e29fe27ed001e49560a94fe8fb63a97a5751e3330ed2dde791d3dac2831e5df9fea3c516b7840f72c7f1246abda92bb48918179
- SSDEEP
  
  1536:kn/1CsEmkaMAvtahrOb8DktiDzHA9glQyxcjZV:A12mkaMAlahrOiDzguayxcN
Score

6^/10

adware discovery stealer
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral11 behavioral12
- Target
  
  uninstall.exe
- Size
  
  285KB
- MD5
  
  9277ad516dc2a4dfa243eb874e2812a6
- SHA1
  
  3bb68f7f16471fc0eb6b7ad0445d5ed309f82d75
- SHA256
  
  67aa3d588c1f21a83c918b46e1a6bf864a4bbbcfa216d16d42bcf2a89585ffd5
- SHA512
  
  bf3a7286557878e76e88071d9c208a1e2e1fa330cddba969d6f1d3cd7d003e1858a0f232d3e9bd34fed2ba2f8229a13e8d0938a04a774e92a564823877af3b34
- SSDEEP
  
  6144:Ee340gpeZH+zpyuuz6GZkDOJ/7OafSH5KmrWym09x12:hceZHkwuPikQ7lKH5p5H9x12
Score

7^/10

discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/aminsis.dll
- Size
  
  559KB
- MD5
  
  51ba1095f0ae45a2d444bea506cb9ad4
- SHA1
  
  038a5d53d055a6d440bd2c8864c2f51db206c5e5
- SHA256
  
  b620091bf9973e807e12155d2247a6d233b5d13ec38c426675470ab4b26f0539
- SHA512
  
  f5fe2dd0f19bcaab47540ceedbec71f7f7c5b833c8772c097594c458e5f1101fe9feb849812b65c175055f71dfb13f11c4ad94fef42cd66f247413e453de3361
- SSDEEP
  
  12288:kbdmSvBuSrDWoN/8Z+iZz2ULoygI/htZw3EKwcxi0T8NGAmN:bSvBuSG7+iZz2ULoyXZzw3E2tT8UAmN
Score

3^/10

discovery
behavioral15 behavioral16