9733ee730001be6d16dfb34ef1330337ccd5367443e76699fb70a573784fc20c | Triage

Sharing

General

Target

9733ee730001be6d16dfb34ef1330337ccd5367443e76699fb70a573784fc20c
Size

548KB
Sample

221203-pzjbtabe48
MD5

7df5dc76ed400e2b67e9b6291eab9d91
SHA1

0c20c36d1f22524d746d9a56670bfe27e805e7be
SHA256

9733ee730001be6d16dfb34ef1330337ccd5367443e76699fb70a573784fc20c
SHA512

758ba81e6e502c79ef0fec74765159ff7825a89b9a4eb833b083cbb3d2b451833a2d0268a8b96a1c6915b17eb956f9765da996bf49aecc65fef168a666d64506
SSDEEP

12288:TgRXPCHzRmhPWrF/hUVO/tj7EP+4gSJu9eLe1l2rvhRSeQZL57vc:IOzRBNhUVO2j4H/27TSeQZL57

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  9733ee730001be6d16dfb34ef1330337ccd5367443e76699fb70a573784fc20c
- Size
  
  548KB
- MD5
  
  7df5dc76ed400e2b67e9b6291eab9d91
- SHA1
  
  0c20c36d1f22524d746d9a56670bfe27e805e7be
- SHA256
  
  9733ee730001be6d16dfb34ef1330337ccd5367443e76699fb70a573784fc20c
- SHA512
  
  758ba81e6e502c79ef0fec74765159ff7825a89b9a4eb833b083cbb3d2b451833a2d0268a8b96a1c6915b17eb956f9765da996bf49aecc65fef168a666d64506
- SSDEEP
  
  12288:TgRXPCHzRmhPWrF/hUVO/tj7EP+4gSJu9eLe1l2rvhRSeQZL57vc:IOzRBNhUVO2j4H/27TSeQZL57
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer