153f2ebcd9845aac15c1033dcb173911ec5ad8390f8f1a283a3cea4996bc46f2 | Triage

Sharing

General

Target

153f2ebcd9845aac15c1033dcb173911ec5ad8390f8f1a283a3cea4996bc46f2
Size

4.3MB
Sample

221125-e9jefsfb5z
MD5

6857f7ec17481ef8cc931491bf6c8802
SHA1

b04ce5026d0c552d77ba20a671b7c3743d037df7
SHA256

153f2ebcd9845aac15c1033dcb173911ec5ad8390f8f1a283a3cea4996bc46f2
SHA512

70cee33e1cb8afbbfa9f4440f484ea4097f5ffa74da046368b548d371c332fea61488aa600e366fded6949b3a2905208222eed88a20987f75d4540835f147788
SSDEEP

49152:+SuK4jZ0WHCpNqLmxup46dGKvghxfki1fc7SKuyoC3yE/Ac5mWxnmrsr:V2Z0Nvq8Kcu7SKdoWNAxenj

Score

8^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  153f2ebcd9845aac15c1033dcb173911ec5ad8390f8f1a283a3cea4996bc46f2
- Size
  
  4.3MB
- MD5
  
  6857f7ec17481ef8cc931491bf6c8802
- SHA1
  
  b04ce5026d0c552d77ba20a671b7c3743d037df7
- SHA256
  
  153f2ebcd9845aac15c1033dcb173911ec5ad8390f8f1a283a3cea4996bc46f2
- SHA512
  
  70cee33e1cb8afbbfa9f4440f484ea4097f5ffa74da046368b548d371c332fea61488aa600e366fded6949b3a2905208222eed88a20987f75d4540835f147788
- SSDEEP
  
  49152:+SuK4jZ0WHCpNqLmxup46dGKvghxfki1fc7SKuyoC3yE/Ac5mWxnmrsr:V2Z0Nvq8Kcu7SKdoWNAxenj
Score

8^/10

adware discovery persistence stealer
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer