25acab3f5b5063c85a0d23d994a4d1755e320919e7bcedfee7ad91cf349de224

General

Target

25acab3f5b5063c85a0d23d994a4d1755e320919e7bcedfee7ad91cf349de224
Size

350KB
Sample

221106-exjjpacbf4
MD5

204bfeaaa385a07a53d0368d6ca56ad0
SHA1

c9de1a8d55452874be23182e4d7093e5a8521fb4
SHA256

25acab3f5b5063c85a0d23d994a4d1755e320919e7bcedfee7ad91cf349de224
SHA512

d8f382f58ccc24b7612370b0b030003da3f4bdc6273af06efc2a7dedfab02750974d52077ac7b2959be7638ae460c6d10168ea7b364124a8d21f92e0e7bf2cc7
SSDEEP

6144:pyXu7IEBSsQ9ElMwm60lmqs7MTRGA3h3GVqdppJXEGhBukJF/KAwxFUOWdEmh:p3BdQLL4BE93NGVYZX9BukJlwxSJdEm

Score

8^/10

Malware Config

Targets

- Target
  
  25acab3f5b5063c85a0d23d994a4d1755e320919e7bcedfee7ad91cf349de224
- Size
  
  350KB
- MD5
  
  204bfeaaa385a07a53d0368d6ca56ad0
- SHA1
  
  c9de1a8d55452874be23182e4d7093e5a8521fb4
- SHA256
  
  25acab3f5b5063c85a0d23d994a4d1755e320919e7bcedfee7ad91cf349de224
- SHA512
  
  d8f382f58ccc24b7612370b0b030003da3f4bdc6273af06efc2a7dedfab02750974d52077ac7b2959be7638ae460c6d10168ea7b364124a8d21f92e0e7bf2cc7
- SSDEEP
  
  6144:pyXu7IEBSsQ9ElMwm60lmqs7MTRGA3h3GVqdppJXEGhBukJF/KAwxFUOWdEmh:p3BdQLL4BE93NGVYZX9BukJlwxSJdEm
Score

8^/10

adware discovery exploit persistence stealer upx
- Drops file in Drivers directory
- Possible privilege escalation attempt
  exploit
- Sets service image path in registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Modifies file permissions
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

1

T1176

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Possible privilege escalation attempt

Sets service image path in registry

UPX packed file

Deletes itself

Modifies file permissions

Installs/modifies Browser Helper Object

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2