eef03acc35301da1fa2268e7f2b1dc666888e57d4f3a9fe9e20bd37f3b8ef519 | Triage

Sharing

General

Target

eef03acc35301da1fa2268e7f2b1dc666888e57d4f3a9fe9e20bd37f3b8ef519
Size

3.7MB
Sample

221123-syya5aff6z
MD5

7c0c3b9ad0ddc47ac5124fd28f4c8487
SHA1

ba7c97a1e5fd68ff4972552feb129287f8151ca2
SHA256

eef03acc35301da1fa2268e7f2b1dc666888e57d4f3a9fe9e20bd37f3b8ef519
SHA512

161b7fc7e7f6d61509485c842f8fa25ac9f0c57a3963a1d20710d3728e8a881c880e66c0c70b271b71957ae34bd61f28e9254a3a507ed2f0599416e95b27ffe8
SSDEEP

98304:PkmQL/ZEg0HBI08J6FHdobEJPlSWqfX3rJ:smQL/ZR0hI0VH6oJPlQ3l

Score

8^/10

adware discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  eef03acc35301da1fa2268e7f2b1dc666888e57d4f3a9fe9e20bd37f3b8ef519
- Size
  
  3.7MB
- MD5
  
  7c0c3b9ad0ddc47ac5124fd28f4c8487
- SHA1
  
  ba7c97a1e5fd68ff4972552feb129287f8151ca2
- SHA256
  
  eef03acc35301da1fa2268e7f2b1dc666888e57d4f3a9fe9e20bd37f3b8ef519
- SHA512
  
  161b7fc7e7f6d61509485c842f8fa25ac9f0c57a3963a1d20710d3728e8a881c880e66c0c70b271b71957ae34bd61f28e9254a3a507ed2f0599416e95b27ffe8
- SSDEEP
  
  98304:PkmQL/ZEg0HBI08J6FHdobEJPlSWqfX3rJ:smQL/ZR0hI0VH6oJPlQ3l
Score

8^/10

adware discovery persistence spyware stealer
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

adwarediscoverypersistencespywarestealer