3f1b4f8b46917b03711e0507e6a66a4631ce9afde5bf7d196c59bf4b96f2cce5 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

1a7680b224...18.exe

windows7-x64

6

1a7680b224...18.exe

windows10-2004-x64

6

Sharing

General

Target

1a7680b2242ecbcf490a7d0d2e0c88ab_JaffaCakes118
Size

51KB
Sample

240628-rqtsasxbrq
MD5

1a7680b2242ecbcf490a7d0d2e0c88ab
SHA1

6987045db9a22c960c66dd1e563cd7f7c2cc25b5
SHA256

3f1b4f8b46917b03711e0507e6a66a4631ce9afde5bf7d196c59bf4b96f2cce5
SHA512

6d53e2fcd6a4986d7236e608f335e8cfa8d9a8ff7db615b53dcbe1a0b673b2fbe2d4de5d2c3ee7ee36a6f45a068fcfb7edcca12b596679428bf264eb496bae5f
SSDEEP

768:pqE6b6aJLdv8b1NBWfEHaLucaOxC/9UMcIS1IwGs1eK0E2DQS0yBz02x5ha5Cf:pqE5aT8TcLuc+UqwJeN30yFVb

Score

7^/10

adware aspackv2 persistence stealer

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

1a7680b2242ecbcf490a7d0d2e0c88ab_JaffaCakes118.exe

Resource

win7-20240508-en

adware persistence stealer

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

1a7680b2242ecbcf490a7d0d2e0c88ab_JaffaCakes118.exe

Resource

win10v2004-20240611-en

adware persistence stealer

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  1a7680b2242ecbcf490a7d0d2e0c88ab_JaffaCakes118
- Size
  
  51KB
- MD5
  
  1a7680b2242ecbcf490a7d0d2e0c88ab
- SHA1
  
  6987045db9a22c960c66dd1e563cd7f7c2cc25b5
- SHA256
  
  3f1b4f8b46917b03711e0507e6a66a4631ce9afde5bf7d196c59bf4b96f2cce5
- SHA512
  
  6d53e2fcd6a4986d7236e608f335e8cfa8d9a8ff7db615b53dcbe1a0b673b2fbe2d4de5d2c3ee7ee36a6f45a068fcfb7edcca12b596679428bf264eb496bae5f
- SSDEEP
  
  768:pqE6b6aJLdv8b1NBWfEHaLucaOxC/9UMcIS1IwGs1eK0E2DQS0yBz02x5ha5Cf:pqE5aT8TcLuc+UqwJeN30yFVb
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer

© 2018-2024

Terms | Privacy