565b9f81ffbc9a9dbe8cd444bb62db0c5b9a12877155430d569f53c276049b80 | Triage

Sharing

General

Target

565b9f81ffbc9a9dbe8cd444bb62db0c5b9a12877155430d569f53c276049b80
Size

126KB
Sample

221127-3bvltsbf7x
MD5

00456d289e3489b11a67130e0b98791d
SHA1

292cf8f52efdd8fdfeb5708036f66239c31df70b
SHA256

565b9f81ffbc9a9dbe8cd444bb62db0c5b9a12877155430d569f53c276049b80
SHA512

e5c1d0078194f929fe15631b218278131d922e0100fae02f63163a9d0f06ec2c3a096ac2532f9ad912670fb753562e677f225ad99b3eb6f010802ba0f6927c46
SSDEEP

1536:Ejae1wYxmBBoskJ7F2WhVszC17DpHSr6nxgeu3ceJQmX3DWstlUGeSog+GAXTuC9:EmeDmBqskJ7wE+214PJhzrrZeNdhRJ

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  565b9f81ffbc9a9dbe8cd444bb62db0c5b9a12877155430d569f53c276049b80
- Size
  
  126KB
- MD5
  
  00456d289e3489b11a67130e0b98791d
- SHA1
  
  292cf8f52efdd8fdfeb5708036f66239c31df70b
- SHA256
  
  565b9f81ffbc9a9dbe8cd444bb62db0c5b9a12877155430d569f53c276049b80
- SHA512
  
  e5c1d0078194f929fe15631b218278131d922e0100fae02f63163a9d0f06ec2c3a096ac2532f9ad912670fb753562e677f225ad99b3eb6f010802ba0f6927c46
- SSDEEP
  
  1536:Ejae1wYxmBBoskJ7F2WhVszC17DpHSr6nxgeu3ceJQmX3DWstlUGeSog+GAXTuC9:EmeDmBqskJ7wE+214PJhzrrZeNdhRJ
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer