868da88158951b51e5ad58d698bfdb75ec3b2898b4584232e31f5b47c298c110 | Triage

Sharing

General

Target

868da88158951b51e5ad58d698bfdb75ec3b2898b4584232e31f5b47c298c110
Size

4.3MB
Sample

221124-2rjc3ahb61
MD5

293d119f5a6b9f39e59172fe7d8642fe
SHA1

2460c77642696ba55d56295396e1deca4c7302a8
SHA256

868da88158951b51e5ad58d698bfdb75ec3b2898b4584232e31f5b47c298c110
SHA512

a48faca114569219e9d12af640c0a876a998a0a456ccc7db4fec14c532d993aaf1b686093f3c456e329560ce952b82db58869b5990afd4477f4e3a871160b1d3
SSDEEP

49152:5COqIz5U23CZ+6rmxup4YdGKvghxfki1hPXGIjQ7yoC3yE/Ac5mWxnmOb:Q25U946+KcbP2iQuoWNAxen5

Score

8^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  868da88158951b51e5ad58d698bfdb75ec3b2898b4584232e31f5b47c298c110
- Size
  
  4.3MB
- MD5
  
  293d119f5a6b9f39e59172fe7d8642fe
- SHA1
  
  2460c77642696ba55d56295396e1deca4c7302a8
- SHA256
  
  868da88158951b51e5ad58d698bfdb75ec3b2898b4584232e31f5b47c298c110
- SHA512
  
  a48faca114569219e9d12af640c0a876a998a0a456ccc7db4fec14c532d993aaf1b686093f3c456e329560ce952b82db58869b5990afd4477f4e3a871160b1d3
- SSDEEP
  
  49152:5COqIz5U23CZ+6rmxup4YdGKvghxfki1hPXGIjQ7yoC3yE/Ac5mWxnmOb:Q25U946+KcbP2iQuoWNAxen5
Score

8^/10

adware discovery persistence stealer
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2