a477ea187d43cea91a5bcfb5e2d6609d192c29b0f8dc2979a2096986bba88192

General

Target

a477ea187d43cea91a5bcfb5e2d6609d192c29b0f8dc2979a2096986bba88192
Size

350KB
Sample

221107-f6p89schdn
MD5

0d1afcba9798b04f1f8cb790f01a3300
SHA1

fa57ea84af2a380c493d30830118c80e8f2bbc09
SHA256

a477ea187d43cea91a5bcfb5e2d6609d192c29b0f8dc2979a2096986bba88192
SHA512

6eefa29448c6c1ae2139088be9e08d3c82f362f2aba5efbcb273109104eb5b7623dec71edc5b26e07717a8b12aa69a5610353b9da3d1c126ee1d685cdcc095f0
SSDEEP

6144:gyXu7IEBSsQ9ElMwm60lmqs7MTRGA3h3GVqdppJXEGhBukJF/KAwxFUOWdEmh:g3BdQLL4BE93NGVYZX9BukJlwxSJdEm

Score

8^/10

Malware Config

Targets

- Target
  
  a477ea187d43cea91a5bcfb5e2d6609d192c29b0f8dc2979a2096986bba88192
- Size
  
  350KB
- MD5
  
  0d1afcba9798b04f1f8cb790f01a3300
- SHA1
  
  fa57ea84af2a380c493d30830118c80e8f2bbc09
- SHA256
  
  a477ea187d43cea91a5bcfb5e2d6609d192c29b0f8dc2979a2096986bba88192
- SHA512
  
  6eefa29448c6c1ae2139088be9e08d3c82f362f2aba5efbcb273109104eb5b7623dec71edc5b26e07717a8b12aa69a5610353b9da3d1c126ee1d685cdcc095f0
- SSDEEP
  
  6144:gyXu7IEBSsQ9ElMwm60lmqs7MTRGA3h3GVqdppJXEGhBukJF/KAwxFUOWdEmh:g3BdQLL4BE93NGVYZX9BukJlwxSJdEm
Score

8^/10

adware discovery exploit persistence stealer upx
- Drops file in Drivers directory
- Possible privilege escalation attempt
  exploit
- Sets service image path in registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Modifies file permissions
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

1

T1176

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Possible privilege escalation attempt

Sets service image path in registry

UPX packed file

Deletes itself

Modifies file permissions

Installs/modifies Browser Helper Object

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2