808f67bc35ffbbaf787d89564be8bfde99980c6296180f35933b71eeb2b91e53 | Triage

Sharing

General

Target

808f67bc35ffbbaf787d89564be8bfde99980c6296180f35933b71eeb2b91e53
Size

3.6MB
Sample

221125-jelcsaeg5s
MD5

e21338a61153075a902b085b0ba6f50b
SHA1

551a084f9b9319947840c6dc89b262ec45070a71
SHA256

808f67bc35ffbbaf787d89564be8bfde99980c6296180f35933b71eeb2b91e53
SHA512

b6cd9c4fe26935bbadae3e13dd80203d786c4789cf7025d2e4019e5b6b2ea6aaed610a0b405a051d495de6f7e36347fb94dbb99ac8d19055b120a9a7a3052731
SSDEEP

49152:s6QibfIS/k0KbXc9X5u34fYK/PkoqtsLM8JGsWJAsz4cRGQPTEXhFXdcs6:HADQuof5RqtsJhsccMp/

Score

8^/10

adware discovery persistence stealer

Malware Config

Targets

- Target
  
  808f67bc35ffbbaf787d89564be8bfde99980c6296180f35933b71eeb2b91e53
- Size
  
  3.6MB
- MD5
  
  e21338a61153075a902b085b0ba6f50b
- SHA1
  
  551a084f9b9319947840c6dc89b262ec45070a71
- SHA256
  
  808f67bc35ffbbaf787d89564be8bfde99980c6296180f35933b71eeb2b91e53
- SHA512
  
  b6cd9c4fe26935bbadae3e13dd80203d786c4789cf7025d2e4019e5b6b2ea6aaed610a0b405a051d495de6f7e36347fb94dbb99ac8d19055b120a9a7a3052731
- SSDEEP
  
  49152:s6QibfIS/k0KbXc9X5u34fYK/PkoqtsLM8JGsWJAsz4cRGQPTEXhFXdcs6:HADQuof5RqtsJhsccMp/
Score

8^/10

adware discovery persistence stealer
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer