0151aeeaac5ffb7911202bc9a18843cdfff7abde67930330da7804d4235f24b6 | Triage

Sharing

General

Target

0151aeeaac5ffb7911202bc9a18843cdfff7abde67930330da7804d4235f24b6
Size

2.1MB
Sample

220523-y642jaacem
MD5

3124421d3dc689b3c242e8c28003ab73
SHA1

d64fe479b864bdae0a95697e196b4b60c11d017e
SHA256

0151aeeaac5ffb7911202bc9a18843cdfff7abde67930330da7804d4235f24b6
SHA512

3829d21d21666b22c0bb73b015a7b39a262bc37c491243d0be0dee5fbf31e5abf0a16e484b4ae50565e8f07b745bf442cb882c45cb4aeb820fa01c51b0acfe64

Score

8^/10

adware discovery spyware stealer

Malware Config

Targets

- Target
  
  0151aeeaac5ffb7911202bc9a18843cdfff7abde67930330da7804d4235f24b6
- Size
  
  2.1MB
- MD5
  
  3124421d3dc689b3c242e8c28003ab73
- SHA1
  
  d64fe479b864bdae0a95697e196b4b60c11d017e
- SHA256
  
  0151aeeaac5ffb7911202bc9a18843cdfff7abde67930330da7804d4235f24b6
- SHA512
  
  3829d21d21666b22c0bb73b015a7b39a262bc37c491243d0be0dee5fbf31e5abf0a16e484b4ae50565e8f07b745bf442cb882c45cb4aeb820fa01c51b0acfe64
Score

8^/10

adware discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

adwarediscoveryspywarestealer