8d853733b3c9de865514e1ca92a93621f276d8bd030e3460cfc14d11e9993a48 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8d853733b3c9de865514e1ca92a93621f276d8bd030e3460cfc14d11e9993a48
Size

2.1MB
Sample

221127-y3zmmsbb6x
MD5

fee5104da33c7107169a099b3c0157c6
SHA1

67bd3e167c858cbae5998c08f64da92a77a76474
SHA256

8d853733b3c9de865514e1ca92a93621f276d8bd030e3460cfc14d11e9993a48
SHA512

bf56cd04a271c2eae6c2e0e78da60fe371c2907d7ac45fd00b3da7fe4d62e4c791a86b2a10fc3dd743b3d495615e6bdfc8d464c9d1875fd76e4975e95dc636bf
SSDEEP

24576:h1OYdaOFTwLleYkTVug2PiL0jHM8WK5z6Sh19BUfOD4XRt1otyBNvJvMXzGK5Ihf:h1OsALARTQ9PimJWtShQnvQsruy

Score

8^/10

adware discovery spyware stealer

Malware Config

Targets

- Target
  
  8d853733b3c9de865514e1ca92a93621f276d8bd030e3460cfc14d11e9993a48
- Size
  
  2.1MB
- MD5
  
  fee5104da33c7107169a099b3c0157c6
- SHA1
  
  67bd3e167c858cbae5998c08f64da92a77a76474
- SHA256
  
  8d853733b3c9de865514e1ca92a93621f276d8bd030e3460cfc14d11e9993a48
- SHA512
  
  bf56cd04a271c2eae6c2e0e78da60fe371c2907d7ac45fd00b3da7fe4d62e4c791a86b2a10fc3dd743b3d495615e6bdfc8d464c9d1875fd76e4975e95dc636bf
- SSDEEP
  
  24576:h1OYdaOFTwLleYkTVug2PiL0jHM8WK5z6Sh19BUfOD4XRt1otyBNvJvMXzGK5Ihf:h1OsALARTQ9PimJWtShQnvQsruy
Score

8^/10

adware discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

adwarediscoveryspywarestealer