befac03667d224ef5c31c8e73f0bf88fb13f9a27c9d258e5c923baca21630f6a | Triage

Sharing

General

Target

c2a98a2d64c966fd704e9056cd21c5552690cc6ac2d4c80799f105135a81e5b2.zip
Size

113KB
Sample

201104-39mcwttqhs
MD5

cd79da1dbf1b11d1094f503b0a944978
SHA1

6d01b0de6757489c649efde5ad4b026925aedd6c
SHA256

befac03667d224ef5c31c8e73f0bf88fb13f9a27c9d258e5c923baca21630f6a
SHA512

167155f3f8e93517962fac91d1ed3bb634c104a7cd74807988061d1caf17b4fefd734e526e9238e6d5337e3a80a842e16d901267725fb5bb6bcf02b2eb55d176

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  c2a98a2d64c966fd704e9056cd21c5552690cc6ac2d4c80799f105135a81e5b2
- Size
  
  125KB
- MD5
  
  47d439708dc12a907d4abaab586d8a7f
- SHA1
  
  3a9fc4d528f5fb64c5626fb9aae3856a815ea286
- SHA256
  
  c2a98a2d64c966fd704e9056cd21c5552690cc6ac2d4c80799f105135a81e5b2
- SHA512
  
  740fc9324ecbc5bdc1ef8095306cbb356d41fb1f526753b046f255bb11de58a5614b202326f7c11eb47e6dbc64fb3ccbc340e60307828469ca3b9d328fb89999
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer