d05679f26a30fa9428ae344e7270f97a29d88506d2bfc13aebf622dd9c64274f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d05679f26a30fa9428ae344e7270f97a29d88506d2bfc13aebf622dd9c64274f
Size

733KB
Sample

221204-myxfyaff8y
MD5

04c4b97fb89f0903a0ab998316877fde
SHA1

586606a7459293d3f8b793770ea16e9d3e1878e7
SHA256

d05679f26a30fa9428ae344e7270f97a29d88506d2bfc13aebf622dd9c64274f
SHA512

ae032305a5b24db1ca931eac91c35a513bcc07b73dfc25ab784f5a039f3debfce0a449fddd2c7dfddf07a97bc5c1b2f014a0efcc1aacb78d4e1f47274f3948c3
SSDEEP

12288:QSWXV+uZM2I7tBbDW2IHBplF2tM/rLDehxP1+LmjqTn:QL8uZvwtFuH/hL0t1+Lmjqj

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  d05679f26a30fa9428ae344e7270f97a29d88506d2bfc13aebf622dd9c64274f
- Size
  
  733KB
- MD5
  
  04c4b97fb89f0903a0ab998316877fde
- SHA1
  
  586606a7459293d3f8b793770ea16e9d3e1878e7
- SHA256
  
  d05679f26a30fa9428ae344e7270f97a29d88506d2bfc13aebf622dd9c64274f
- SHA512
  
  ae032305a5b24db1ca931eac91c35a513bcc07b73dfc25ab784f5a039f3debfce0a449fddd2c7dfddf07a97bc5c1b2f014a0efcc1aacb78d4e1f47274f3948c3
- SSDEEP
  
  12288:QSWXV+uZM2I7tBbDW2IHBplF2tM/rLDehxP1+LmjqTn:QL8uZvwtFuH/hL0t1+Lmjqj
Score

7^/10

adware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2