cc3c85b050e2c5e2a5acceaf4a6e7a98f3f7bd41b67b0d011a0f09e2f2d86753 | Triage

Sharing

General

Target

cc3c85b050e2c5e2a5acceaf4a6e7a98f3f7bd41b67b0d011a0f09e2f2d86753
Size

4.3MB
Sample

221123-tcf1dsgg2x
MD5

023815e5bbb2622361efe9726391f521
SHA1

beefdc231b89e84c91e8835b348d23daba44553a
SHA256

cc3c85b050e2c5e2a5acceaf4a6e7a98f3f7bd41b67b0d011a0f09e2f2d86753
SHA512

b3feff6b15dd2677b921ac3f16a808c9cf5515a8cfd805fd228e5e97be2537c1a2e690368eabbb45bca71bcf29b8dd8997ef1eac9164eaa0e30e7e374eca9c70
SSDEEP

98304:6O1W+GLmuEcyneLfroGvNdZ7tJZqycRUa2:6oFuEKvNZJL3l

Score

8^/10

adware discovery persistence spyware stealer

Malware Config

Targets

- Target
  
  cc3c85b050e2c5e2a5acceaf4a6e7a98f3f7bd41b67b0d011a0f09e2f2d86753
- Size
  
  4.3MB
- MD5
  
  023815e5bbb2622361efe9726391f521
- SHA1
  
  beefdc231b89e84c91e8835b348d23daba44553a
- SHA256
  
  cc3c85b050e2c5e2a5acceaf4a6e7a98f3f7bd41b67b0d011a0f09e2f2d86753
- SHA512
  
  b3feff6b15dd2677b921ac3f16a808c9cf5515a8cfd805fd228e5e97be2537c1a2e690368eabbb45bca71bcf29b8dd8997ef1eac9164eaa0e30e7e374eca9c70
- SSDEEP
  
  98304:6O1W+GLmuEcyneLfroGvNdZ7tJZqycRUa2:6oFuEKvNZJL3l
Score

8^/10

adware discovery persistence spyware stealer
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencespywarestealer

behavioral2