dbf107ccc9e9f14c0d420fad3d5e8f90e2b0b80ab25a2695282f6209653c4ab8 | Triage

Sharing

General

Target

56fc58cea8bd27e00fcf0ec7286eb25b_JaffaCakes118
Size

693KB
Sample

241018-mrpshssdqf
MD5

56fc58cea8bd27e00fcf0ec7286eb25b
SHA1

8eeefff96e854ff47748bd665a30b5d271df0483
SHA256

dbf107ccc9e9f14c0d420fad3d5e8f90e2b0b80ab25a2695282f6209653c4ab8
SHA512

b41249e690c8a3aeb6438d5a80b7b6e22fedfbc90738a7c1db08389558c532893cd1e247c8349f0ddf2c32b79687e0b8253d7019e9ce5d72d2c66520d88d326c
SSDEEP

12288:neEEfxxCYYkQ4g1frYAaHZiwDJUZZnWS23WnQDomIQF3EpI4Z4X10GVWA:nz0xCYQaHLuZZfzQk2wIY4ZYA

Score

6^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  56fc58cea8bd27e00fcf0ec7286eb25b_JaffaCakes118
- Size
  
  693KB
- MD5
  
  56fc58cea8bd27e00fcf0ec7286eb25b
- SHA1
  
  8eeefff96e854ff47748bd665a30b5d271df0483
- SHA256
  
  dbf107ccc9e9f14c0d420fad3d5e8f90e2b0b80ab25a2695282f6209653c4ab8
- SHA512
  
  b41249e690c8a3aeb6438d5a80b7b6e22fedfbc90738a7c1db08389558c532893cd1e247c8349f0ddf2c32b79687e0b8253d7019e9ce5d72d2c66520d88d326c
- SSDEEP
  
  12288:neEEfxxCYYkQ4g1frYAaHZiwDJUZZnWS23WnQDomIQF3EpI4Z4X10GVWA:nz0xCYQaHLuZZfzQk2wIY4ZYA
Score

3^/10

discovery
behavioral1 behavioral2
- Target
  
  $PLUGINSDIR/DLLWebCount.dll
- Size
  
  28KB
- MD5
  
  d825e4003d1697fd4bc45361e222746c
- SHA1
  
  e9d4b1073aac15d4dbb430471fcaea549e633d13
- SHA256
  
  c79e4be74eecf16f2f7f1d39724c938bf372e9568bb96fa4610926a57fe323f5
- SHA512
  
  7740a18cae5a42963c748a49ac6175482c93b34dce703a7cf24f5828ee6cdc19eb2669a634b64c2a4c861272f7e9b9e943455195a7cd6afcd8fa5586744eb86f
- SSDEEP
  
  96:unHQKcixlYedrGcCM4JuGylQu4BudGaFHiYueH:uHJciUM4JmuLYdbFHiRe
Score

3^/10

discovery
behavioral3 behavioral4
- Target
  
  $PLUGINSDIR/ExistFiles.dll
- Size
  
  108KB
- MD5
  
  ef71ad00767e6b0a92301fd244c5afe3
- SHA1
  
  5b57f59990dcc52defe342e1b5a7328100f1df58
- SHA256
  
  45648e313905e87dc12dc80f5ddb61bab9aceb66f073dd262a10e1f6e9bf6231
- SHA512
  
  9f50c6da98a823474f6f9a29dfb26d2e1458eef2a951efa04ef1e1d5b995f854d775de1fcf2ae75cb7a2fc0e70af75d61cc91c8f548466f6e427b4d397974984
- SSDEEP
  
  1536:U4BGIRKKTbBNYi7iKGuTYznzXYwR0FsrbWzlh:3wIRKC3776uKz3Ismx
Score

3^/10

discovery
behavioral5 behavioral6
- Target
  
  $PLUGINSDIR/IEKill.dll
- Size
  
  24KB
- MD5
  
  86acfaa6a25bca6031b303b5bdcc232b
- SHA1
  
  819fd291e5403d8915fe5984e89ee1f6a496a480
- SHA256
  
  e4a0127903902f485eaf29d76052c03daeaa096234baa03c6ba5f3ddb9f233e6
- SHA512
  
  521bd61d92d07e520fc6ba149847d67d5ac46bc1eb04bc33e7576776b7dd20cdbc059e79c6f857659a25c098d0395559f92c2d92274bde97acc7f224aa6e3b4a
- SSDEEP
  
  96:NK6SSNF28W2z/Zq6YTgdY8BKZ8BKoIhsdQculsG51m:06BNRjZqeIT5hsdQcNsk
Score

3^/10

discovery
behavioral7 behavioral8
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  d765c492c21689e3d9d61634371fd861
- SHA1
  
  ac200933671ae52c9d5544d0e2e8e9144d286c83
- SHA256
  
  551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc
- SHA512
  
  9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f
- SSDEEP
  
  192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB
Score

3^/10

discovery
behavioral10 behavioral9
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  32KB
- MD5
  
  83142eac84475f4ca889c73f10d9c179
- SHA1
  
  dbe43c0de8ef881466bd74861b2e5b17598b5ce8
- SHA256
  
  ae2f1658656e554f37e6eac896475a3862841a18ffc6fad2754e2d3525770729
- SHA512
  
  1c66eab21f0c9e0b99ecc3844516a6978f52e0c7f489405a427532ecbe78947c37dac5b4c8b722cc8bc1edfb74ba4824519d56099e587e754e5c668701e83bd1
- SSDEEP
  
  384:3rYz6grZodORNWATt4TBmlk5ooyzFh7BukAUdJoUtSOSR:3QggDWATWNCFh7BNddJoxO+
Score

3^/10

discovery
behavioral11 behavioral12
- Target
  
  $PLUGINSDIR/SelfDelete.dll
- Size
  
  24KB
- MD5
  
  7bf1bd7661385621c7908e36958f582e
- SHA1
  
  43242d7731c097e95fb96753c8262609ff929410
- SHA256
  
  c0ad2c13d48c9fe62f898da822a5f08be3bf6c4e2c1c7ffdf7634f2ca4a8859e
- SHA512
  
  8317af5cc3ac802eb095f3fa8cc71daa1265ca58fead031c07872f3d4bb07663a7002ae734fad392a7617f0923fe0caf1f54ed55afdf8516a6a08e202d86fa7f
- SSDEEP
  
  96:1dIrJYYrzPpqAAZ9sNIaI2y9WulXEGNRrG:nuYATpq/viyYuEYRr
Score

3^/10

discovery
behavioral13 behavioral14
- Target
  
  $PLUGINSDIR/ServiceBlock.dll
- Size
  
  24KB
- MD5
  
  b1aab8735ae2a42bf7164eb69c13d7b6
- SHA1
  
  ba257f955c08c80e5113845401360a8f31b8f54f
- SHA256
  
  e32a7e356cae8731c0cfdb5adb53351438aa7d1a61ce01adee45983ccba86300
- SHA512
  
  649ef8f6b8721e5b1eff0d5d79c3d71373e137cc868e4f66cce0e4852d1a66d842bbf9aaf6d0f671512139dbf450f290a7635160513016c4849b275690d684e9
- SSDEEP
  
  96:pvCbzuYNSSd+2CPc7TI957Ofu91OG3az:cbCYDBCdn7YEO+a
Score

3^/10

discovery
behavioral15 behavioral16
- Target
  
  C:/WINDOWS/system32/drivers/showpop.sys
- Size
  
  11KB
- MD5
  
  4f7f36bd2f4d6eaa7c1ffc5d76cf93dd
- SHA1
  
  9232c26f2e7dbb70a7a4ed20c24a7be1ba29ee60
- SHA256
  
  13a10489a9c67602b328b0d7711510b170f8a7a1957a209e389501f432a79796
- SHA512
  
  4b439104c52c4c55c991c08df1270f6956eb7d36fd83b20185016f5abbe299033406385c69fce3658902875ba6e28b58c60f58378003d4ff068bcec3cf93a27c
- SSDEEP
  
  192:MmBMwUm02xJR/FG3fNNkYTIAo5hvlDfhicijDiFipFah4sYA+KUjJsWF:MmawUmdgfNNkOIRvhIdj2UpFaWsbuJsq
Score

1^/10
behavioral17 behavioral18
- Target
  
  C:/WINDOWS/system32/drivers/uninstall.exe
- Size
  
  93KB
- MD5
  
  46d5c2860bcb4ac93daa71fd8629494a
- SHA1
  
  5fd5017eddcc5f1caa8d2437da1ffdff62a552c6
- SHA256
  
  952cc1bd81820d91a3ffca58eb852b265e646202dad6238f73a478cdad8db212
- SHA512
  
  81db72d36c0821ad1b64d9897db93c51f23a882139504d4549a1686ad2874b43f1ee7f05c2ba9fb0bb977f3cd7a1edf8c5b9e043e26db4de465e78ebae0ef5a0
- SSDEEP
  
  1536:xtYuscB6qhtBu/HMDHmJ+7NeYRNgKJ+BCyLEWyc0NH+5vx6GLeiVETFqMt:xKQXtg/sDHmJAeqgKJ+BCfZgRxLhETsc
Score

1^/10
behavioral19 behavioral20
- Target
  
  $PLUGINSDIR/DLLWebCount.dll
- Size
  
  28KB
- MD5
  
  d825e4003d1697fd4bc45361e222746c
- SHA1
  
  e9d4b1073aac15d4dbb430471fcaea549e633d13
- SHA256
  
  c79e4be74eecf16f2f7f1d39724c938bf372e9568bb96fa4610926a57fe323f5
- SHA512
  
  7740a18cae5a42963c748a49ac6175482c93b34dce703a7cf24f5828ee6cdc19eb2669a634b64c2a4c861272f7e9b9e943455195a7cd6afcd8fa5586744eb86f
- SSDEEP
  
  96:unHQKcixlYedrGcCM4JuGylQu4BudGaFHiYueH:uHJciUM4JmuLYdbFHiRe
Score

3^/10

discovery
behavioral21 behavioral22
- Target
  
  $PLUGINSDIR/IEKill.dll
- Size
  
  24KB
- MD5
  
  86acfaa6a25bca6031b303b5bdcc232b
- SHA1
  
  819fd291e5403d8915fe5984e89ee1f6a496a480
- SHA256
  
  e4a0127903902f485eaf29d76052c03daeaa096234baa03c6ba5f3ddb9f233e6
- SHA512
  
  521bd61d92d07e520fc6ba149847d67d5ac46bc1eb04bc33e7576776b7dd20cdbc059e79c6f857659a25c098d0395559f92c2d92274bde97acc7f224aa6e3b4a
- SSDEEP
  
  96:NK6SSNF28W2z/Zq6YTgdY8BKZ8BKoIhsdQculsG51m:06BNRjZqeIT5hsdQcNsk
Score

3^/10

discovery
behavioral23 behavioral24
- Target
  
  $PLUGINSDIR/InstallOptions.dll
- Size
  
  13KB
- MD5
  
  d765c492c21689e3d9d61634371fd861
- SHA1
  
  ac200933671ae52c9d5544d0e2e8e9144d286c83
- SHA256
  
  551e6042dd494ea01549555ffc194ab9729da09058ec714eb368dd06642c9bbc
- SHA512
  
  9919a9e848c8f1e26c75d0d29207571e4b86a4140bd554743d2c1f8bd7f386fe4919345b163d89a5d907fb165e435ba0ac5f6b1101713636141f156a420e2e0f
- SSDEEP
  
  192:9B6RvrfvOuJQDghBy/X7QKq3TLGciZJf0EzWzMnz6WoF1dBs:v6RrviWaX7eiZJ7nz6bB
Score

3^/10

discovery
behavioral25 behavioral26
- Target
  
  $PLUGINSDIR/KillProcDLL.dll
- Size
  
  32KB
- MD5
  
  83142eac84475f4ca889c73f10d9c179
- SHA1
  
  dbe43c0de8ef881466bd74861b2e5b17598b5ce8
- SHA256
  
  ae2f1658656e554f37e6eac896475a3862841a18ffc6fad2754e2d3525770729
- SHA512
  
  1c66eab21f0c9e0b99ecc3844516a6978f52e0c7f489405a427532ecbe78947c37dac5b4c8b722cc8bc1edfb74ba4824519d56099e587e754e5c668701e83bd1
- SSDEEP
  
  384:3rYz6grZodORNWATt4TBmlk5ooyzFh7BukAUdJoUtSOSR:3QggDWATWNCFh7BNddJoxO+
Score

3^/10

discovery
behavioral27 behavioral28
- Target
  
  $PLUGINSDIR/ServiceBlock.dll
- Size
  
  24KB
- MD5
  
  b1aab8735ae2a42bf7164eb69c13d7b6
- SHA1
  
  ba257f955c08c80e5113845401360a8f31b8f54f
- SHA256
  
  e32a7e356cae8731c0cfdb5adb53351438aa7d1a61ce01adee45983ccba86300
- SHA512
  
  649ef8f6b8721e5b1eff0d5d79c3d71373e137cc868e4f66cce0e4852d1a66d842bbf9aaf6d0f671512139dbf450f290a7635160513016c4849b275690d684e9
- SSDEEP
  
  96:pvCbzuYNSSd+2CPc7TI957Ofu91OG3az:cbCYDBCdn7YEO+a
Score

3^/10

discovery
behavioral29 behavioral30
- Target
  
  OhOhPopup.dll
- Size
  
  244KB
- MD5
  
  5e01f98830d42f4923a5564951f3d307
- SHA1
  
  cd56776f3cdd6c9d7e99bb157e2fce341e786286
- SHA256
  
  ae0f38e0bd20606fc9b1c2a1703cf85e2421d1c07c4c618bb6618f609dfc876b
- SHA512
  
  4bb433ec8744026dcb23a57ce90e6d85cb7a418dea9fb28bca33821dd3e2ac4e7488c97b79dd3ee2dd2a2b14da647ddb819eae88bdf98ff5cb0651976e14d1fc
- SSDEEP
  
  1536:jrzI8mb0NKrlplWZXyjFx+Ttfx9reKFk7dGKmlnABR4f+p:vE8mb0NKJpl6X+6xeukBGKmlnABRm+
Score

6^/10

adware discovery stealer
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral31 behavioral32

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6

behavioral7

behavioral8

behavioral9

behavioral10

behavioral11

behavioral12

behavioral13

behavioral14

behavioral15

behavioral16

behavioral17

behavioral18

behavioral19

behavioral20

behavioral21

behavioral22

behavioral23

behavioral24

behavioral25

behavioral26

behavioral27

behavioral28

behavioral29

behavioral30

behavioral31

adwarediscoverystealer

behavioral32

adwarediscoverystealer