ccc4edd9fdc4e637e55a067d4ad8326613005168f2936a8dfb9856b4519dcb8f | Triage

Sharing

General

Target

ccc4edd9fdc4e637e55a067d4ad8326613005168f2936a8dfb9856b4519dcb8f
Size

4.3MB
Sample

221124-xtcwvadc27
MD5

eec545b9776e3d891c417605d5bde968
SHA1

822893fda27b35b97b21223fd79cdc704ba5a3d0
SHA256

ccc4edd9fdc4e637e55a067d4ad8326613005168f2936a8dfb9856b4519dcb8f
SHA512

8b4d5727644fe388c99a4ff1ad99b2e2b058514a181bd50340e5697a5209625b05497f8fdc52e2e961a656dc573858910df548397b69de24cfa4a28c65aaddea
SSDEEP

98304:yWsZRLeXNFHCq/j31am/cD7HjJohciLKDU:4HKXjj31aJJOcOKD

Score

8^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  ccc4edd9fdc4e637e55a067d4ad8326613005168f2936a8dfb9856b4519dcb8f
- Size
  
  4.3MB
- MD5
  
  eec545b9776e3d891c417605d5bde968
- SHA1
  
  822893fda27b35b97b21223fd79cdc704ba5a3d0
- SHA256
  
  ccc4edd9fdc4e637e55a067d4ad8326613005168f2936a8dfb9856b4519dcb8f
- SHA512
  
  8b4d5727644fe388c99a4ff1ad99b2e2b058514a181bd50340e5697a5209625b05497f8fdc52e2e961a656dc573858910df548397b69de24cfa4a28c65aaddea
- SSDEEP
  
  98304:yWsZRLeXNFHCq/j31am/cD7HjJohciLKDU:4HKXjj31aJJOcOKD
Score

8^/10

adware discovery persistence stealer
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer