0337269cb7824bffbf388929b90e85a93f1b01587a5b611d8cf8ea4498ac4480 | Triage

Sharing

General

Target

0337269cb7824bffbf388929b90e85a93f1b01587a5b611d8cf8ea4498ac4480
Size

2.3MB
Sample

220528-bnj73sbfg3
MD5

85fb0ee4d7db16493aa9e0095b9adbd2
SHA1

6b1625fc64825b5e38606cd4e5a8336b0cd76ef9
SHA256

0337269cb7824bffbf388929b90e85a93f1b01587a5b611d8cf8ea4498ac4480
SHA512

8dc756f1c5ec5fabe27f70b5da15b97fa462eecd8f0589480fff957d15841361d23bfb81d1b5a0517e3ccba0f8752f8b0b9e01167481b0dcf388d3e0cc0b821f

Score

8^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  0337269cb7824bffbf388929b90e85a93f1b01587a5b611d8cf8ea4498ac4480
- Size
  
  2.3MB
- MD5
  
  85fb0ee4d7db16493aa9e0095b9adbd2
- SHA1
  
  6b1625fc64825b5e38606cd4e5a8336b0cd76ef9
- SHA256
  
  0337269cb7824bffbf388929b90e85a93f1b01587a5b611d8cf8ea4498ac4480
- SHA512
  
  8dc756f1c5ec5fabe27f70b5da15b97fa462eecd8f0589480fff957d15841361d23bfb81d1b5a0517e3ccba0f8752f8b0b9e01167481b0dcf388d3e0cc0b821f
Score

8^/10

adware discovery persistence stealer
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer