52266c6f4b5cae131efe1b589f8bac999ceda5dabf6e58f3a851e704a78195b8 | Triage

Sharing

General

Target

52266c6f4b5cae131efe1b589f8bac999ceda5dabf6e58f3a851e704a78195b8
Size

761KB
Sample

221020-gvbr6shab7
MD5

8103fe5ad5cb247bf4ecd74ab2ad5340
SHA1

cad32757ab3e72e6291595064827ac38ae84ace0
SHA256

52266c6f4b5cae131efe1b589f8bac999ceda5dabf6e58f3a851e704a78195b8
SHA512

31a39b5b05636600c623b7bedf7849db43013ccb15d39cf0fdfaed3bfa6df1c9eefcbbecff753f960ea302f39143fcfe07a35217140dd741fb494745b8382967
SSDEEP

12288:j9OMzV5ZuZ4XeA3JFrHZNYUneagcOuLnmAbE9/lbvM6JbLyTGl4c+4EzvCNmEPM:o2XhJFrzeap9DB41tM6JbUV60akEk

Score

8^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  52266c6f4b5cae131efe1b589f8bac999ceda5dabf6e58f3a851e704a78195b8
- Size
  
  761KB
- MD5
  
  8103fe5ad5cb247bf4ecd74ab2ad5340
- SHA1
  
  cad32757ab3e72e6291595064827ac38ae84ace0
- SHA256
  
  52266c6f4b5cae131efe1b589f8bac999ceda5dabf6e58f3a851e704a78195b8
- SHA512
  
  31a39b5b05636600c623b7bedf7849db43013ccb15d39cf0fdfaed3bfa6df1c9eefcbbecff753f960ea302f39143fcfe07a35217140dd741fb494745b8382967
- SSDEEP
  
  12288:j9OMzV5ZuZ4XeA3JFrHZNYUneagcOuLnmAbE9/lbvM6JbLyTGl4c+4EzvCNmEPM:o2XhJFrzeap9DB41tM6JbUV60akEk
Score

8^/10

adware persistence stealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer