3d40ab8b1b4ff400a109718a44f081591323e47b8e51d206b1b1f59c452633a9 | Triage

Sharing

General

Target

JaffaCakes118_8ac042335b85460bec74fbef0a9f7450
Size

449KB
Sample

250328-rrxwcayp16
MD5

8ac042335b85460bec74fbef0a9f7450
SHA1

5390505658d4961a8ccbe67e26dcb0287b96a6ea
SHA256

3d40ab8b1b4ff400a109718a44f081591323e47b8e51d206b1b1f59c452633a9
SHA512

0f4151d834922a59781ae08137e8862685ed3bd900dd70f8cbc337f7ad30e38b49b3ed9d4aa5eb10ca9fb7ca7d27145115c33499d00900e1ecb8f221bac67b6f
SSDEEP

384:PSdD9d6GoHI47Yuonrv+3EpkdQpaseJqut7JrgDRgYa7jv3+zQn2kUr20LLLLLL3:KAIWAT+UpkWILjJrAP1Qn2kw

Score

6^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  JaffaCakes118_8ac042335b85460bec74fbef0a9f7450
- Size
  
  449KB
- MD5
  
  8ac042335b85460bec74fbef0a9f7450
- SHA1
  
  5390505658d4961a8ccbe67e26dcb0287b96a6ea
- SHA256
  
  3d40ab8b1b4ff400a109718a44f081591323e47b8e51d206b1b1f59c452633a9
- SHA512
  
  0f4151d834922a59781ae08137e8862685ed3bd900dd70f8cbc337f7ad30e38b49b3ed9d4aa5eb10ca9fb7ca7d27145115c33499d00900e1ecb8f221bac67b6f
- SSDEEP
  
  384:PSdD9d6GoHI47Yuonrv+3EpkdQpaseJqut7JrgDRgYa7jv3+zQn2kUr20LLLLLL3:KAIWAT+UpkWILjJrAP1Qn2kw
Score

6^/10

discovery adware stealer
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

adwarediscoverystealer