cab99e0dd8cb9752b50f6af5c0aa0eade53123a4911a429448a2c015c10090af | Triage

Sharing

General

Target

cab99e0dd8cb9752b50f6af5c0aa0eade53123a4911a429448a2c015c10090af
Size

188KB
Sample

221123-mvpa6afa98
MD5

b6bb775b5aa960c8ed84b1f748b96370
SHA1

48f25b01dfb4b71ac139f4dff9f146f9dd2fb3bb
SHA256

cab99e0dd8cb9752b50f6af5c0aa0eade53123a4911a429448a2c015c10090af
SHA512

d2ee3b10ccbf620d20b637350e826b0fec1fee5d09962887ffdcd99f2cb8b2cfd8544cdeeff603ce6201adcb749b38b74c894133899a5d6e8bccf10cc71a0df6
SSDEEP

3072:VHOEInXTLkYyxglKWN5VcNSfFKAvbTewL7KFL2XC6T:VHSLkFgfNU1Avb9L7Kd2XC6

Score

10^/10

adware evasion stealer trojan

Malware Config

Targets

- Target
  
  cab99e0dd8cb9752b50f6af5c0aa0eade53123a4911a429448a2c015c10090af
- Size
  
  188KB
- MD5
  
  b6bb775b5aa960c8ed84b1f748b96370
- SHA1
  
  48f25b01dfb4b71ac139f4dff9f146f9dd2fb3bb
- SHA256
  
  cab99e0dd8cb9752b50f6af5c0aa0eade53123a4911a429448a2c015c10090af
- SHA512
  
  d2ee3b10ccbf620d20b637350e826b0fec1fee5d09962887ffdcd99f2cb8b2cfd8544cdeeff603ce6201adcb749b38b74c894133899a5d6e8bccf10cc71a0df6
- SSDEEP
  
  3072:VHOEInXTLkYyxglKWN5VcNSfFKAvbTewL7KFL2XC6T:VHSLkFgfNU1Avb9L7Kd2XC6
Score

10^/10

adware evasion stealer trojan
- UAC bypass
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Checks whether UAC is enabled
  evasion trojan
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwareevasionstealertrojan

behavioral2

adwareevasionstealertrojan