d53b9ad771ce007c5c285679a4d5d462def75ad9a932d541550dfea12f4afcd9 | Triage

Sharing

General

Target

d53b9ad771ce007c5c285679a4d5d462def75ad9a932d541550dfea12f4afcd9
Size

3.6MB
Sample

221123-s9an7sdd39
MD5

60ff0d60e77f5926e87745c17e400058
SHA1

f23bc7bcf192949de62542c6ed27750aa7654e11
SHA256

d53b9ad771ce007c5c285679a4d5d462def75ad9a932d541550dfea12f4afcd9
SHA512

a6d23b07ad80d10d075e0dfd7a3dd0715db9be45c813a2c0d97de5c15fc0e2184493a2bc6e3981c3455aa570cf0e490459cdfd8f2a76a0797109bf6605df868a
SSDEEP

49152:g3dUbrCREU0ejFctssu34fYK/PkoqtX2x2D0/L3KYmswKvXtMcq:B+NG2of5RqtXfD0/DMS

Score

8^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  d53b9ad771ce007c5c285679a4d5d462def75ad9a932d541550dfea12f4afcd9
- Size
  
  3.6MB
- MD5
  
  60ff0d60e77f5926e87745c17e400058
- SHA1
  
  f23bc7bcf192949de62542c6ed27750aa7654e11
- SHA256
  
  d53b9ad771ce007c5c285679a4d5d462def75ad9a932d541550dfea12f4afcd9
- SHA512
  
  a6d23b07ad80d10d075e0dfd7a3dd0715db9be45c813a2c0d97de5c15fc0e2184493a2bc6e3981c3455aa570cf0e490459cdfd8f2a76a0797109bf6605df868a
- SSDEEP
  
  49152:g3dUbrCREU0ejFctssu34fYK/PkoqtX2x2D0/L3KYmswKvXtMcq:B+NG2of5RqtXfD0/DMS
Score

8^/10

adware discovery persistence stealer
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer