aceb10dd1cb6c455e0f31b80446ea9232af493c5a5e4cc6ae0befb1d4f861cac | Triage

Submit
Reports

Overview

overview

7

Static

static

3

1aaacfa5ba...18.exe

windows7-x64

7

1aaacfa5ba...18.exe

windows10-2004-x64

7

Sharing

General

Target

1aaacfa5ba89e732192ef05c1af91ef7_JaffaCakes118
Size

79KB
Sample

240701-kr8jhswarj
MD5

1aaacfa5ba89e732192ef05c1af91ef7
SHA1

8c67aee19640bdf8394c31bcbfe90a6d3981516b
SHA256

aceb10dd1cb6c455e0f31b80446ea9232af493c5a5e4cc6ae0befb1d4f861cac
SHA512

4272a175ee0a1afd828ccc423482100b37f35e652524dfecd7f9ffc38e3d8e4f0816d29b081983c79eaadb64ceddd4a9e632941c96520ba74899a36b7e7b0132
SSDEEP

1536:Geff508RTuuhTDAA8//YEfsWfcBNhsBNSLzv8YpObL9YkIVerGAew4P/51x/JtSG:3ff508RTuuhTDAAY/YEfhfopLzvd7ZDd

Score

7^/10

adware persistence stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1aaacfa5ba89e732192ef05c1af91ef7_JaffaCakes118.exe

Resource

win7-20240221-en

adware persistence stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

1aaacfa5ba89e732192ef05c1af91ef7_JaffaCakes118.exe

Resource

win10v2004-20240508-en

adware persistence stealer

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  1aaacfa5ba89e732192ef05c1af91ef7_JaffaCakes118
- Size
  
  79KB
- MD5
  
  1aaacfa5ba89e732192ef05c1af91ef7
- SHA1
  
  8c67aee19640bdf8394c31bcbfe90a6d3981516b
- SHA256
  
  aceb10dd1cb6c455e0f31b80446ea9232af493c5a5e4cc6ae0befb1d4f861cac
- SHA512
  
  4272a175ee0a1afd828ccc423482100b37f35e652524dfecd7f9ffc38e3d8e4f0816d29b081983c79eaadb64ceddd4a9e632941c96520ba74899a36b7e7b0132
- SSDEEP
  
  1536:Geff508RTuuhTDAA8//YEfsWfcBNhsBNSLzv8YpObL9YkIVerGAew4P/51x/JtSG:3ff508RTuuhTDAAY/YEfhfopLzvd7ZDd
Score

7^/10

adware persistence stealer
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer

© 2018-2024

Terms | Privacy