735a71d8015334ab49528dbb47b7965feb349713bb70a514bbadf8a02b2a81b7 | Triage

Sharing

General

Target

NEAS.089927da0a3d8be376fd8055fbedff80_JC.exe
Size

551KB
Sample

231105-czkhnahf7z
MD5

089927da0a3d8be376fd8055fbedff80
SHA1

83be7589730501c993da327bc22da7aa8f04a1cd
SHA256

735a71d8015334ab49528dbb47b7965feb349713bb70a514bbadf8a02b2a81b7
SHA512

ce8807bddf9cca18efbf2d74e730e61e1b32f6f4eb72a7daf48fb3eb27b201dc9f5d47bbf888ac312fd900c552c0b5071dd02fce2ffb8a1f51d0f654c1c9c718
SSDEEP

12288:h1OgLdaO1Wctn+MEfOUgbJuMmFcouJqkp:h1OYdaO1tMOUgJHJJqkp

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  NEAS.089927da0a3d8be376fd8055fbedff80_JC.exe
- Size
  
  551KB
- MD5
  
  089927da0a3d8be376fd8055fbedff80
- SHA1
  
  83be7589730501c993da327bc22da7aa8f04a1cd
- SHA256
  
  735a71d8015334ab49528dbb47b7965feb349713bb70a514bbadf8a02b2a81b7
- SHA512
  
  ce8807bddf9cca18efbf2d74e730e61e1b32f6f4eb72a7daf48fb3eb27b201dc9f5d47bbf888ac312fd900c552c0b5071dd02fce2ffb8a1f51d0f654c1c9c718
- SSDEEP
  
  12288:h1OgLdaO1Wctn+MEfOUgbJuMmFcouJqkp:h1OYdaO1tMOUgJHJJqkp
Score

7^/10

adware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2