bf8814197ecf17a0edc0349da6a04840826138d69e490b4c40c4cc1837a8e179 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf8814197ecf17a0edc0349da6a04840826138d69e490b4c40c4cc1837a8e179
Size

204KB
Sample

221205-kj7l9acd89
MD5

afdb49e7d001c9da644c41f962d55bf4
SHA1

7c1e40cc002d44b9b007b96684b190b03522e3b2
SHA256

bf8814197ecf17a0edc0349da6a04840826138d69e490b4c40c4cc1837a8e179
SHA512

234a2ffe90e33bc78dd9a219a725d2d0d586200c6d1d45399f91ee80673e7361a04f96caeabde6cc3b680b0e7934589c66911a440aa0eb6a50a2235037155df8
SSDEEP

6144:QBmcgGlfktsafF0isD2JGlyRrUXPei+m:wgGOtf90isaAQRqPn

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  bf8814197ecf17a0edc0349da6a04840826138d69e490b4c40c4cc1837a8e179
- Size
  
  204KB
- MD5
  
  afdb49e7d001c9da644c41f962d55bf4
- SHA1
  
  7c1e40cc002d44b9b007b96684b190b03522e3b2
- SHA256
  
  bf8814197ecf17a0edc0349da6a04840826138d69e490b4c40c4cc1837a8e179
- SHA512
  
  234a2ffe90e33bc78dd9a219a725d2d0d586200c6d1d45399f91ee80673e7361a04f96caeabde6cc3b680b0e7934589c66911a440aa0eb6a50a2235037155df8
- SSDEEP
  
  6144:QBmcgGlfktsafF0isD2JGlyRrUXPei+m:wgGOtf90isaAQRqPn
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer