f8acf893293311806fd165c3a0b36894925f6ab40a957911aaecbf2bfd71b8ea | Triage

Sharing

General

Target

f8acf893293311806fd165c3a0b36894925f6ab40a957911aaecbf2bfd71b8ea
Size

755KB
Sample

221205-tlqaeshg3s
MD5

53112805fa5bed03e398d5c3160642d2
SHA1

4f73e912352f21802942dbabf127a35860c95fd2
SHA256

f8acf893293311806fd165c3a0b36894925f6ab40a957911aaecbf2bfd71b8ea
SHA512

229f4c1cf77ecd238a7a806abed492e1ef5763b4a7558aa0e26e4c25a8a020fb905b128e9a9b439539d02ef3e7b0cae5d707030e776380e5b8001efb82e3189a
SSDEEP

12288:e1l1k0PhAhUC+jL5scXN6ynMPrg8ViUJScnvb1SEz:en11PhAWH5scchPrDjZ1N

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  f8acf893293311806fd165c3a0b36894925f6ab40a957911aaecbf2bfd71b8ea
- Size
  
  755KB
- MD5
  
  53112805fa5bed03e398d5c3160642d2
- SHA1
  
  4f73e912352f21802942dbabf127a35860c95fd2
- SHA256
  
  f8acf893293311806fd165c3a0b36894925f6ab40a957911aaecbf2bfd71b8ea
- SHA512
  
  229f4c1cf77ecd238a7a806abed492e1ef5763b4a7558aa0e26e4c25a8a020fb905b128e9a9b439539d02ef3e7b0cae5d707030e776380e5b8001efb82e3189a
- SSDEEP
  
  12288:e1l1k0PhAhUC+jL5scXN6ynMPrg8ViUJScnvb1SEz:en11PhAWH5scchPrDjZ1N
Score

7^/10

adware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2