bf27c854532a8bc5947a59440f9f1cc1153efa2da1ac3325c24c39b515e270cc | Triage

Sharing

General

Target

bf27c854532a8bc5947a59440f9f1cc1153efa2da1ac3325c24c39b515e270cc
Size

125KB
Sample

221128-afef7ahh79
MD5

09e9f0a729d950894c6636e64ff2e9dc
SHA1

aa0e34ae71905d2c9bf8343a18afa85b5e4c9f12
SHA256

bf27c854532a8bc5947a59440f9f1cc1153efa2da1ac3325c24c39b515e270cc
SHA512

93f214a9851aef8dd3c5f5d23c6d2c177f13d816c0e0e17501e06619f4233dbb31ccf8062703a5dab8b2cd4dc02bd5decfdf6024ee86a76a70cd60eac49b18e3
SSDEEP

3072:EmeDmBqskJoDvQ81oI/DyhKOpcCN6+WGqM/OsYProSdu:E8hz1RbydNmG//NUrDo

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  bf27c854532a8bc5947a59440f9f1cc1153efa2da1ac3325c24c39b515e270cc
- Size
  
  125KB
- MD5
  
  09e9f0a729d950894c6636e64ff2e9dc
- SHA1
  
  aa0e34ae71905d2c9bf8343a18afa85b5e4c9f12
- SHA256
  
  bf27c854532a8bc5947a59440f9f1cc1153efa2da1ac3325c24c39b515e270cc
- SHA512
  
  93f214a9851aef8dd3c5f5d23c6d2c177f13d816c0e0e17501e06619f4233dbb31ccf8062703a5dab8b2cd4dc02bd5decfdf6024ee86a76a70cd60eac49b18e3
- SSDEEP
  
  3072:EmeDmBqskJoDvQ81oI/DyhKOpcCN6+WGqM/OsYProSdu:E8hz1RbydNmG//NUrDo
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer