64447286b91e13c7480fc2a2184ed2f71d9d0fac02c95cce7988871bbce45b47 | Triage

Sharing

General

Target

64447286b91e13c7480fc2a2184ed2f71d9d0fac02c95cce7988871bbce45b47
Size

2.1MB
Sample

221125-1scq8she53
MD5

ce0efff18be8c3c7619096adb7eabd6a
SHA1

ab5681ee7badf25ed610aa9335d8cdaaa1ee1da8
SHA256

64447286b91e13c7480fc2a2184ed2f71d9d0fac02c95cce7988871bbce45b47
SHA512

4a9c2b6d4b5fd1a69e34ce3bdfd5c00390f1db9911539e1e87b2378f87ab4a7418e71b9dcd5bac870650ce037b313fc13d46992faa42caea5f55cbc6a257248a
SSDEEP

49152:h1OskhvaZG1MVEtzijkTvu2x/uw4B8FHFF6e:h1ODvaxMziy3/

Score

8^/10

adware discovery spyware stealer

Malware Config

Targets

- Target
  
  64447286b91e13c7480fc2a2184ed2f71d9d0fac02c95cce7988871bbce45b47
- Size
  
  2.1MB
- MD5
  
  ce0efff18be8c3c7619096adb7eabd6a
- SHA1
  
  ab5681ee7badf25ed610aa9335d8cdaaa1ee1da8
- SHA256
  
  64447286b91e13c7480fc2a2184ed2f71d9d0fac02c95cce7988871bbce45b47
- SHA512
  
  4a9c2b6d4b5fd1a69e34ce3bdfd5c00390f1db9911539e1e87b2378f87ab4a7418e71b9dcd5bac870650ce037b313fc13d46992faa42caea5f55cbc6a257248a
- SSDEEP
  
  49152:h1OskhvaZG1MVEtzijkTvu2x/uw4B8FHFF6e:h1ODvaxMziy3/
Score

8^/10

adware discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

adwarediscoveryspywarestealer