3379bd6d6bc19b71847127cc852e5d43057b26a48bd9c96a572bc7662eb97720 | Triage

Sharing

General

Target

3379bd6d6bc19b71847127cc852e5d43057b26a48bd9c96a572bc7662eb97720
Size

4.1MB
Sample

221125-dja5qafh99
MD5

2542bcafcbbce59925365ccf86d7acc1
SHA1

9226323eb0ebeff1d2fc665fcad82dcca75c1221
SHA256

3379bd6d6bc19b71847127cc852e5d43057b26a48bd9c96a572bc7662eb97720
SHA512

5baa09a465fab477abcfde92e7186e8b887cf335285284c545be106ed5f0baf9a9426d4d5f45ad648f0c68e8de25c3171783a82f06586e534b4d8f94f33afc98
SSDEEP

49152:5RvmsLQJJ/8QtjUVqA0wXMVnfwZU5Bcum+qHSyafO8jsnHsiLw8LQkGTqg:5ZmHqQWHMNqZafO8C/Lwrk8q

Score

8^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  3379bd6d6bc19b71847127cc852e5d43057b26a48bd9c96a572bc7662eb97720
- Size
  
  4.1MB
- MD5
  
  2542bcafcbbce59925365ccf86d7acc1
- SHA1
  
  9226323eb0ebeff1d2fc665fcad82dcca75c1221
- SHA256
  
  3379bd6d6bc19b71847127cc852e5d43057b26a48bd9c96a572bc7662eb97720
- SHA512
  
  5baa09a465fab477abcfde92e7186e8b887cf335285284c545be106ed5f0baf9a9426d4d5f45ad648f0c68e8de25c3171783a82f06586e534b4d8f94f33afc98
- SSDEEP
  
  49152:5RvmsLQJJ/8QtjUVqA0wXMVnfwZU5Bcum+qHSyafO8jsnHsiLw8LQkGTqg:5ZmHqQWHMNqZafO8C/Lwrk8q
Score

8^/10

adware discovery persistence stealer
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer