5cf6b3cb3fc1aae46b318e1192565e83fb1776da845e951c9e74dec78965f88a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5cf6b3cb3fc1aae46b318e1192565e83fb1776da845e951c9e74dec78965f88a
Size

114KB
Sample

221201-fb5qgaef62
MD5

34cca805e7ee1459f79f030842137550
SHA1

f6ab80dbeab036f64f2b07cd23ff7d3ec7079e6f
SHA256

5cf6b3cb3fc1aae46b318e1192565e83fb1776da845e951c9e74dec78965f88a
SHA512

360d1b33bef86362011721c4233e3548166ec37b7393d7287986c1eaf063afc5dc21e4dc049ac891cf9cfc0a60cad9ac950deb587cb8a7cdbf70cf3c6ef066d7
SSDEEP

3072:ymeDmBqskJ1XEij481aUW8i1wbjCsuzu+XW3riPFgGCH:y8QTjC8OwbOsUu+muPFgGy

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  5cf6b3cb3fc1aae46b318e1192565e83fb1776da845e951c9e74dec78965f88a
- Size
  
  114KB
- MD5
  
  34cca805e7ee1459f79f030842137550
- SHA1
  
  f6ab80dbeab036f64f2b07cd23ff7d3ec7079e6f
- SHA256
  
  5cf6b3cb3fc1aae46b318e1192565e83fb1776da845e951c9e74dec78965f88a
- SHA512
  
  360d1b33bef86362011721c4233e3548166ec37b7393d7287986c1eaf063afc5dc21e4dc049ac891cf9cfc0a60cad9ac950deb587cb8a7cdbf70cf3c6ef066d7
- SSDEEP
  
  3072:ymeDmBqskJ1XEij481aUW8i1wbjCsuzu+XW3riPFgGCH:y8QTjC8OwbOsUu+muPFgGy
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer