920dce9b20e7f03b76fe00781414f97abcdee0fb08cf47781b3d4e25e3f2a74f | Triage

Sharing

General

Target

920dce9b20e7f03b76fe00781414f97abcdee0fb08cf47781b3d4e25e3f2a74f
Size

150KB
Sample

221129-f26epada2v
MD5

3febcd7efed09122dcc409ddd7f7a0e7
SHA1

0dff502578995870aca56c9b7b931a1e761ce5aa
SHA256

920dce9b20e7f03b76fe00781414f97abcdee0fb08cf47781b3d4e25e3f2a74f
SHA512

3a0a10bc5f427e86aa8dfd756fa4c63b80e58479aa33c684d90e31a6a4f3e90af1a1f7f1aefd295d827b9b85a441aed6741482e4b58092d9e8edd7e99a2b15f9
SSDEEP

3072:two2oNZOD4kU2LjZjPCOw9WW7l44vMWhNU8vsVFc3qqF3/EbKhZQpL:Oss4uLtC3WyNvM3c3FPEbaZa

Score

8^/10

adware aspackv2 persistence stealer

Malware Config

Targets

- Target
  
  920dce9b20e7f03b76fe00781414f97abcdee0fb08cf47781b3d4e25e3f2a74f
- Size
  
  150KB
- MD5
  
  3febcd7efed09122dcc409ddd7f7a0e7
- SHA1
  
  0dff502578995870aca56c9b7b931a1e761ce5aa
- SHA256
  
  920dce9b20e7f03b76fe00781414f97abcdee0fb08cf47781b3d4e25e3f2a74f
- SHA512
  
  3a0a10bc5f427e86aa8dfd756fa4c63b80e58479aa33c684d90e31a6a4f3e90af1a1f7f1aefd295d827b9b85a441aed6741482e4b58092d9e8edd7e99a2b15f9
- SSDEEP
  
  3072:two2oNZOD4kU2LjZjPCOw9WW7l44vMWhNU8vsVFc3qqF3/EbKhZQpL:Oss4uLtC3WyNvM3c3FPEbaZa
Score

7^/10

adware persistence stealer
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2