Overview

overview

6

Static

static

3

cobranca2avia.exe

windows7-x64

6

cobranca2avia.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1aa12c6555229093eb8d63aa6bfe1704_JaffaCakes118

  • Size

    118KB

  • Sample

    240701-kh1gjs1hmg

  • MD5

    1aa12c6555229093eb8d63aa6bfe1704

  • SHA1

    fe1439388ba6a2ed886887864db6f676896fb609

  • SHA256

    395684a2968fb770c58e0a40592ba4cbfa612e2de127dd2ca09c0a1fd0013112

  • SHA512

    13a9607a72be712a8967361e294a2a57a91339e525380799a59120b5d21f3c530a95c67ef76e98b293689a52487677f65b101192e2591cf2706fcd9849198df8

  • SSDEEP

    3072:RpWLkDQTSHSr63EhwNJ1helL0i2L3f3qgl6zV:vWXGHr3oQJi2r3qgl2V

Score
6/10
adwarestealer

Malware Config

Targets

    • Target

      cobranca2avia.com

    • Size

      164KB

    • MD5

      1e4ba71f5777eb7b795d87662e254229

    • SHA1

      78b02858242e42bc6296a2e14d2b71ebb151fbf1

    • SHA256

      b062652846f437d6f1f6e76111ab585d0ce86f505044f8bb1b56ccc3f7eddf98

    • SHA512

      6656a02285394ca104868e5ff43d7372279c7bc7a60a1cbe235169865cc0cef636730ad2b94bc95e2aac2b3be2469aacac363bfdda9969c530d12e2e310033d6

    • SSDEEP

      3072:wunq34X99GHLAHSr63EhwNJ1hglL0i2L35BmpJMFfx0VT5cJR9ruoWxbE:wunqksrAHr3oQHi2qoFfx0VT5cJR9ioW

    Score
    6/10
    adwarestealer

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Browser Extensions

1
T1176

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks