21f5c6e814717f8ea5eec3331b3b6131b20f244995f838d6517bf910d7480eb9 | Triage

Sharing

General

Target

21f5c6e814717f8ea5eec3331b3b6131b20f244995f838d6517bf910d7480eb9
Size

125KB
Sample

221128-cd9knabd4y
MD5

60b304d07a0e2ceeaf42e99e7435c02a
SHA1

332f3931ef88bcfc6609257cc594eee3fb8c6fad
SHA256

21f5c6e814717f8ea5eec3331b3b6131b20f244995f838d6517bf910d7480eb9
SHA512

63f99e28f06b0a2cf45446c1bdb5296e319c2d80c8415b06be1c998aa8384c65191b6c8e644892116b1ec6979a84303c744ea1b5659e8b9c476ca1fdc622ccbd
SSDEEP

3072:EmeDmBqskJKSFMWgQlCaKR8HaNvw/FSRJPFV17j:E85QgQcaKGHahwWJ

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  21f5c6e814717f8ea5eec3331b3b6131b20f244995f838d6517bf910d7480eb9
- Size
  
  125KB
- MD5
  
  60b304d07a0e2ceeaf42e99e7435c02a
- SHA1
  
  332f3931ef88bcfc6609257cc594eee3fb8c6fad
- SHA256
  
  21f5c6e814717f8ea5eec3331b3b6131b20f244995f838d6517bf910d7480eb9
- SHA512
  
  63f99e28f06b0a2cf45446c1bdb5296e319c2d80c8415b06be1c998aa8384c65191b6c8e644892116b1ec6979a84303c744ea1b5659e8b9c476ca1fdc622ccbd
- SSDEEP
  
  3072:EmeDmBqskJKSFMWgQlCaKR8HaNvw/FSRJPFV17j:E85QgQcaKGHahwWJ
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer