Overview

overview

7

Static

static

3

1a28264e0f...18.exe

windows7-x64

7

1a28264e0f...18.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1a28264e0f163f038b78b672caaba542_JaffaCakes118

  • Size

    16KB

  • Sample

    240628-pw9plasglj

  • MD5

    1a28264e0f163f038b78b672caaba542

  • SHA1

    cf556561f4cedefa88681d4402e9035de1fd74c9

  • SHA256

    36350dfb33f3ce1f56221b16db0a3ad6da0f9e83e27af1dffbad281c3c25c06b

  • SHA512

    d4aee1556e3059ab18e9d2ff5329bfc3775431b0ca4a12748d2b323ac3b26e7198362b90a46b1ac4d07289a132bbe236637bd6936397899003b4803cea5afb3c

  • SSDEEP

    384:IQ766GhJ26BiS0JARIy569DdxfxA2EJkIA4JMvszsa/EK:Q/1iyAALJQ4Xzsa

Score
7/10
adwarestealer

Malware Config

Targets

    • Target

      1a28264e0f163f038b78b672caaba542_JaffaCakes118

    • Size

      16KB

    • MD5

      1a28264e0f163f038b78b672caaba542

    • SHA1

      cf556561f4cedefa88681d4402e9035de1fd74c9

    • SHA256

      36350dfb33f3ce1f56221b16db0a3ad6da0f9e83e27af1dffbad281c3c25c06b

    • SHA512

      d4aee1556e3059ab18e9d2ff5329bfc3775431b0ca4a12748d2b323ac3b26e7198362b90a46b1ac4d07289a132bbe236637bd6936397899003b4803cea5afb3c

    • SSDEEP

      384:IQ766GhJ26BiS0JARIy569DdxfxA2EJkIA4JMvszsa/EK:Q/1iyAALJQ4Xzsa

    Score
    7/10
    adwarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Browser Extensions

1
T1176

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks