58674a023d29bd355422713a36f2787ae59871c05e6e3349b64cc132d98a1cd7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58674a023d29bd355422713a36f2787ae59871c05e6e3349b64cc132d98a1cd7
Size

2.0MB
Sample

221124-ftm85sbb64
MD5

a0f637c8c437a41928000dfb7c571613
SHA1

79d60800c76bdb1c9d61edb0110eeea2f68b202a
SHA256

58674a023d29bd355422713a36f2787ae59871c05e6e3349b64cc132d98a1cd7
SHA512

eeb30853297473282091e1e639454ae923f93a80bf9472454b86aa59796d4ddd0da58ab94fa36e97cb791f00af1d9ea8ed9c1f25116bb7298a94899a559bfea1
SSDEEP

24576:h1OYdaOVI6E5REGb4sp9whi3+GVFAc7Ynf+eCI3mF7RGT116QDCp2hD4iFhgFau1:h1OsQb4splF+nf+1bF9BQupbFMQ/

Score

8^/10

adware discovery spyware stealer

Malware Config

Targets

- Target
  
  58674a023d29bd355422713a36f2787ae59871c05e6e3349b64cc132d98a1cd7
- Size
  
  2.0MB
- MD5
  
  a0f637c8c437a41928000dfb7c571613
- SHA1
  
  79d60800c76bdb1c9d61edb0110eeea2f68b202a
- SHA256
  
  58674a023d29bd355422713a36f2787ae59871c05e6e3349b64cc132d98a1cd7
- SHA512
  
  eeb30853297473282091e1e639454ae923f93a80bf9472454b86aa59796d4ddd0da58ab94fa36e97cb791f00af1d9ea8ed9c1f25116bb7298a94899a559bfea1
- SSDEEP
  
  24576:h1OYdaOVI6E5REGb4sp9whi3+GVFAc7Ynf+eCI3mF7RGT116QDCp2hD4iFhgFau1:h1OsQb4splF+nf+1bF9BQupbFMQ/
Score

8^/10

adware discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

adwarediscoveryspywarestealer