d134b3ff18ce49640a442de93d6280cfd245b50ca171f3c90806aaa5d4b543a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d134b3ff18ce49640a442de93d6280cfd245b50ca171f3c90806aaa5d4b543a3
Size

204KB
Sample

221012-srtpcshber
MD5

6a4de68fc2804b6c13a5d2abaa8abfb0
SHA1

a51c86e0d2a513f5e4bfdd4bea5ca64c4af8f4e1
SHA256

d134b3ff18ce49640a442de93d6280cfd245b50ca171f3c90806aaa5d4b543a3
SHA512

f4565e6ca9d91dd875741bba6a8006a409134a0eb84213af8fbebea129aae26c09bd64a3c67841e9b22d4c25681f3133707fd4f1514ff04f751305f3bef17cb0
SSDEEP

3072:bZWRowsodnPxy+rri2H/qBrFd0NgWLYv4ls5jyYXdvS5ByUdoZfP:dWRlddnBXi3BN3vgaFtU0

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  d134b3ff18ce49640a442de93d6280cfd245b50ca171f3c90806aaa5d4b543a3
- Size
  
  204KB
- MD5
  
  6a4de68fc2804b6c13a5d2abaa8abfb0
- SHA1
  
  a51c86e0d2a513f5e4bfdd4bea5ca64c4af8f4e1
- SHA256
  
  d134b3ff18ce49640a442de93d6280cfd245b50ca171f3c90806aaa5d4b543a3
- SHA512
  
  f4565e6ca9d91dd875741bba6a8006a409134a0eb84213af8fbebea129aae26c09bd64a3c67841e9b22d4c25681f3133707fd4f1514ff04f751305f3bef17cb0
- SSDEEP
  
  3072:bZWRowsodnPxy+rri2H/qBrFd0NgWLYv4ls5jyYXdvS5ByUdoZfP:dWRlddnBXi3BN3vgaFtU0
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer