d31a5d72e83043ee452b13eaaac8bea7dfd2a8800fcc9f57153c155c45df8671 | Triage

Submit
Reports

Overview

overview

Static

static

3

1a54e0b5a1...18.dll

windows7-x64

1a54e0b5a1...18.dll

windows10-2004-x64

Sharing

General

Target

1a54e0b5a1cd029de96d226a8ef57f49_JaffaCakes118
Size

43KB
Sample

240628-qydklsvfmp
MD5

1a54e0b5a1cd029de96d226a8ef57f49
SHA1

c4c007dd955c0cdd377037625355d4fb078166d9
SHA256

d31a5d72e83043ee452b13eaaac8bea7dfd2a8800fcc9f57153c155c45df8671
SHA512

a016d0d4d1c564c76430061cc5b697934df1797f7c7ee0a6db26f0f2f6e1ca4aaea014a9a70881e1aee97bfe945f69e162751fd6307fc635acc9b2b64fe11c12
SSDEEP

768:+YY4jCR2J2dTVmQDauctW085lTZXfxkVRvSxcZfqBT5M2OxO48BGRliYsBYJj91G:zY4+R2J+mQW5t7YR8RvSxcZfaT5M2RBB

Score

10^/10

adware defense_evasion evasion stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1a54e0b5a1cd029de96d226a8ef57f49_JaffaCakes118.dll

Resource

win7-20240508-en

adware defense_evasion evasion stealer

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

1a54e0b5a1cd029de96d226a8ef57f49_JaffaCakes118.dll

Resource

win10v2004-20240508-en

adware defense_evasion evasion stealer

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  1a54e0b5a1cd029de96d226a8ef57f49_JaffaCakes118
- Size
  
  43KB
- MD5
  
  1a54e0b5a1cd029de96d226a8ef57f49
- SHA1
  
  c4c007dd955c0cdd377037625355d4fb078166d9
- SHA256
  
  d31a5d72e83043ee452b13eaaac8bea7dfd2a8800fcc9f57153c155c45df8671
- SHA512
  
  a016d0d4d1c564c76430061cc5b697934df1797f7c7ee0a6db26f0f2f6e1ca4aaea014a9a70881e1aee97bfe945f69e162751fd6307fc635acc9b2b64fe11c12
- SSDEEP
  
  768:+YY4jCR2J2dTVmQDauctW085lTZXfxkVRvSxcZfqBT5M2OxO48BGRliYsBYJj91G:zY4+R2J+mQW5t7YR8RvSxcZfaT5M2RBB
Score

10^/10

adware defense_evasion evasion stealer
- Modifies firewall policy service
  evasion
- Impair Defenses: Safe Mode Boot
  defense_evasion
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Browser Extensions

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Impair Defenses

Disable or Modify System Firewall

Safe Mode Boot

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

adwaredefense_evasionevasionstealer

behavioral2

adwaredefense_evasionevasionstealer

© 2018-2024

Terms | Privacy