1414302ad1c6af428f4e6c44f25584f67491c934225b49dd66db7ad83fa93fdb

General

Target

1414302ad1c6af428f4e6c44f25584f67491c934225b49dd66db7ad83fa93fdb
Size

350KB
Sample

221125-z7xvaaah41
MD5

6d314111ddf0995f82dfc3068c2e32a0
SHA1

c9cb66b83c78169a008ea42d938376edcae51db6
SHA256

1414302ad1c6af428f4e6c44f25584f67491c934225b49dd66db7ad83fa93fdb
SHA512

f9f0203c3d568960b9e46f7bd4ce13ca411cf7df0ac5536eb337ab1da448f66e080cbb27e43605cc11d3eefa5d9c5b0c53499051e2b5e1576895cac1432a491a
SSDEEP

6144:NyXu7IEBSsQ9ElMwm60lmqs7MTRGA3h3GVqdppJXEGhBukJF/KAwxFUOWdEmh:N3BdQLL4BE93NGVYZX9BukJlwxSJdEm

Score

8^/10

Malware Config

Targets

- Target
  
  1414302ad1c6af428f4e6c44f25584f67491c934225b49dd66db7ad83fa93fdb
- Size
  
  350KB
- MD5
  
  6d314111ddf0995f82dfc3068c2e32a0
- SHA1
  
  c9cb66b83c78169a008ea42d938376edcae51db6
- SHA256
  
  1414302ad1c6af428f4e6c44f25584f67491c934225b49dd66db7ad83fa93fdb
- SHA512
  
  f9f0203c3d568960b9e46f7bd4ce13ca411cf7df0ac5536eb337ab1da448f66e080cbb27e43605cc11d3eefa5d9c5b0c53499051e2b5e1576895cac1432a491a
- SSDEEP
  
  6144:NyXu7IEBSsQ9ElMwm60lmqs7MTRGA3h3GVqdppJXEGhBukJF/KAwxFUOWdEmh:N3BdQLL4BE93NGVYZX9BukJlwxSJdEm
Score

8^/10

adware discovery exploit persistence stealer upx
- Drops file in Drivers directory
- Possible privilege escalation attempt
  exploit
- Sets service image path in registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Deletes itself
- Modifies file permissions
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

1

T1176

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Targets

Drops file in Drivers directory

Possible privilege escalation attempt

Sets service image path in registry

UPX packed file

Deletes itself

Modifies file permissions

Installs/modifies Browser Helper Object

Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2