c2a054d501557b80601bb71fd5580bd809a11d001407d122b9cbc66609e902bd | Triage

Sharing

General

Target

c2a054d501557b80601bb71fd5580bd809a11d001407d122b9cbc66609e902bd
Size

2.1MB
Sample

221124-fhvh3sad44
MD5

8aad8fefc7f1ba224601c3312467b380
SHA1

10dede04c29bde27164b80466e87572ee7e995b0
SHA256

c2a054d501557b80601bb71fd5580bd809a11d001407d122b9cbc66609e902bd
SHA512

cedca215c8a96340d3d8f3df1b9b3fcd1f09f59e4d27d26bdf2e8063fedf1032357d394afe383f1a41158cec7ea53a8a0fe5db1b6a8f08d8e11c704a8affc09c
SSDEEP

24576:h1OYdaOSjfen1Y6KIc8dPc3Mp6CzcJcB1TE1VyDGxQQYxMfyylmCHxxyJGb8tS:h1Os6ZIdJc346K1TcAGb8tS

Score

8^/10

adware discovery spyware stealer

Malware Config

Targets

- Target
  
  c2a054d501557b80601bb71fd5580bd809a11d001407d122b9cbc66609e902bd
- Size
  
  2.1MB
- MD5
  
  8aad8fefc7f1ba224601c3312467b380
- SHA1
  
  10dede04c29bde27164b80466e87572ee7e995b0
- SHA256
  
  c2a054d501557b80601bb71fd5580bd809a11d001407d122b9cbc66609e902bd
- SHA512
  
  cedca215c8a96340d3d8f3df1b9b3fcd1f09f59e4d27d26bdf2e8063fedf1032357d394afe383f1a41158cec7ea53a8a0fe5db1b6a8f08d8e11c704a8affc09c
- SSDEEP
  
  24576:h1OYdaOSjfen1Y6KIc8dPc3Mp6CzcJcB1TE1VyDGxQQYxMfyylmCHxxyJGb8tS:h1Os6ZIdJc346K1TcAGb8tS
Score

8^/10

adware discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

adwarediscoveryspywarestealer