3a4e89dbb0dbdab668504da7383947f07d3d3a2f0a1421a34cbb07a560072acf | Triage

Sharing

General

Target

3a4e89dbb0dbdab668504da7383947f07d3d3a2f0a1421a34cbb07a560072acf
Size

125KB
Sample

221127-3j21wagc36
MD5

fe3f8db28f2296b092115e1b01816621
SHA1

4be04b8e25089128d59199077028d35f55f9fa63
SHA256

3a4e89dbb0dbdab668504da7383947f07d3d3a2f0a1421a34cbb07a560072acf
SHA512

dde24d6645419e369e9d22465b353b81c44d22de57a3736447bc49bdb015e76ebb905e686a8695323cf574982d18d0c815a7573426a987b5e21b7c24dd308379
SSDEEP

3072:EmeDmBqskJeVmO2OYPe3sS10vvHeF19Rsro9592OO5DsV:E85VmO21Cs9GH2ro9/2GV

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  3a4e89dbb0dbdab668504da7383947f07d3d3a2f0a1421a34cbb07a560072acf
- Size
  
  125KB
- MD5
  
  fe3f8db28f2296b092115e1b01816621
- SHA1
  
  4be04b8e25089128d59199077028d35f55f9fa63
- SHA256
  
  3a4e89dbb0dbdab668504da7383947f07d3d3a2f0a1421a34cbb07a560072acf
- SHA512
  
  dde24d6645419e369e9d22465b353b81c44d22de57a3736447bc49bdb015e76ebb905e686a8695323cf574982d18d0c815a7573426a987b5e21b7c24dd308379
- SSDEEP
  
  3072:EmeDmBqskJeVmO2OYPe3sS10vvHeF19Rsro9592OO5DsV:E85VmO21Cs9GH2ro9/2GV
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer