c589deb67251ea227458216ee450f62069be05e7669f164edf56d9cc5f6e2420 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

19d60caac4...18.exe

windows7-x64

7

19d60caac4...18.exe

windows10-2004-x64

7

Sharing

General

Target

19d60caac486feba3fca615a12807475_JaffaCakes118
Size

315KB
Sample

240628-mvnpmavglc
MD5

19d60caac486feba3fca615a12807475
SHA1

af34e98b7ec8f8b6d337716340089e13e823f5ab
SHA256

c589deb67251ea227458216ee450f62069be05e7669f164edf56d9cc5f6e2420
SHA512

6a9a5b6cfc22c46d98448b3c411e00e2649fbbf4cd239942484e14d739c271d594868097febd76dd1f9a0cb8a247856e9075943d550a6ac1bb51f8a526a815c0
SSDEEP

6144:91OgDPdkBAFZWjadD4sQLyjQqasKbLTtyOsN3ZY4d/2pO:91OgLdaVeDsMOsj/2pO

Score

7^/10

adware discovery spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

19d60caac486feba3fca615a12807475_JaffaCakes118.exe

Resource

win7-20240221-en

adware discovery spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

19d60caac486feba3fca615a12807475_JaffaCakes118.exe

Resource

win10v2004-20240508-en

adware discovery spyware stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  19d60caac486feba3fca615a12807475_JaffaCakes118
- Size
  
  315KB
- MD5
  
  19d60caac486feba3fca615a12807475
- SHA1
  
  af34e98b7ec8f8b6d337716340089e13e823f5ab
- SHA256
  
  c589deb67251ea227458216ee450f62069be05e7669f164edf56d9cc5f6e2420
- SHA512
  
  6a9a5b6cfc22c46d98448b3c411e00e2649fbbf4cd239942484e14d739c271d594868097febd76dd1f9a0cb8a247856e9075943d550a6ac1bb51f8a526a815c0
- SSDEEP
  
  6144:91OgDPdkBAFZWjadD4sQLyjQqasKbLTtyOsN3ZY4d/2pO:91OgLdaVeDsMOsj/2pO
Score

7^/10

adware discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

adwarediscoveryspywarestealer

© 2018-2024

Terms | Privacy