b834a5291698cf9087eeaf66b39610633410b38315f4c10b4bed5b6057e88369 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b834a5291698cf9087eeaf66b39610633410b38315f4c10b4bed5b6057e88369
Size

17KB
Sample

221020-ydjvwsbgbr
MD5

96ac039672d6c25a51764fe143fee983
SHA1

1cf9ff867e7f14a570b242c8c6fd9657bd61a7fc
SHA256

b834a5291698cf9087eeaf66b39610633410b38315f4c10b4bed5b6057e88369
SHA512

e4584a38c9c3121e8df7ecb09903ab3baf8b32ba3713b5db7a81c05e25a4d480b10be32ed21ec3d57b4894c0178fb5d7e8441f5aade0d8e1ca1ed6e6c4b26f0d
SSDEEP

192:dP1oyn7qldKYKfsxApWNNSQXx2suKk1T2yTOIw4U4fHCjG3HUwMtznS6xNwqdzH5:J1opKfWSQho2EOSr82H6tbNfwqZRD

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  b834a5291698cf9087eeaf66b39610633410b38315f4c10b4bed5b6057e88369
- Size
  
  17KB
- MD5
  
  96ac039672d6c25a51764fe143fee983
- SHA1
  
  1cf9ff867e7f14a570b242c8c6fd9657bd61a7fc
- SHA256
  
  b834a5291698cf9087eeaf66b39610633410b38315f4c10b4bed5b6057e88369
- SHA512
  
  e4584a38c9c3121e8df7ecb09903ab3baf8b32ba3713b5db7a81c05e25a4d480b10be32ed21ec3d57b4894c0178fb5d7e8441f5aade0d8e1ca1ed6e6c4b26f0d
- SSDEEP
  
  192:dP1oyn7qldKYKfsxApWNNSQXx2suKk1T2yTOIw4U4fHCjG3HUwMtznS6xNwqdzH5:J1opKfWSQho2EOSr82H6tbNfwqZRD
Score

7^/10

adware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2