02028655ca4dfd27b5bdca4403c36e230ed498bf3745bd0df83f8a70cd056902 | Triage

Sharing

General

Target

02028655ca4dfd27b5bdca4403c36e230ed498bf3745bd0df83f8a70cd056902
Size

125KB
Sample

221127-2xvchsaf3s
MD5

9cdc86143010de7331c9b7155e06d1d9
SHA1

56ad86e190e5e9499aba6e672e260cfac89fe223
SHA256

02028655ca4dfd27b5bdca4403c36e230ed498bf3745bd0df83f8a70cd056902
SHA512

a319d5e9912e663ab356c08017c84d5c09912771607c78dd44cc3c0a5908cdde6c2b02a9ba9444dd297c4d252b4c57b12f4fa41f6ec835ae4d4153da022b448f
SSDEEP

3072:EmeDmBqskJV3y9OtQO0+4AxyBmEg6p1+FEm550MubINY/:E8UYOtQO05UF6p1+FCMmKY/

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  02028655ca4dfd27b5bdca4403c36e230ed498bf3745bd0df83f8a70cd056902
- Size
  
  125KB
- MD5
  
  9cdc86143010de7331c9b7155e06d1d9
- SHA1
  
  56ad86e190e5e9499aba6e672e260cfac89fe223
- SHA256
  
  02028655ca4dfd27b5bdca4403c36e230ed498bf3745bd0df83f8a70cd056902
- SHA512
  
  a319d5e9912e663ab356c08017c84d5c09912771607c78dd44cc3c0a5908cdde6c2b02a9ba9444dd297c4d252b4c57b12f4fa41f6ec835ae4d4153da022b448f
- SSDEEP
  
  3072:EmeDmBqskJV3y9OtQO0+4AxyBmEg6p1+FEm550MubINY/:E8UYOtQO05UF6p1+FCMmKY/
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer