71d4b153af014ac81576fb91bb97ef6c4640f0486f98c2e4c9bb15b87fb9df58 | Triage

Sharing

General

Target

JavaSetup8u391.exe
Size

2.2MB
Sample

231219-x3km2scben
MD5

029ae246a9b5fd436a1b979e5f4aa54f
SHA1

4ab915f93bc2ea46eda2fcfbf037b956099ada45
SHA256

71d4b153af014ac81576fb91bb97ef6c4640f0486f98c2e4c9bb15b87fb9df58
SHA512

6c3140c1d8dca2be8ad8eb6360318a8cef78e4f31fbee635f0870e0d2bb0f1679948da3b98af1282fe8d586f9f7c3d3a82016f522a1d1447b1e59158146caf31
SSDEEP

49152:XKU/ESvdaU+c0/IVes7kJXBjYOMjUfkptVxOdxiyh:XKU/xvzg/IVeMjUu5C

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  JavaSetup8u391.exe
- Size
  
  2.2MB
- MD5
  
  029ae246a9b5fd436a1b979e5f4aa54f
- SHA1
  
  4ab915f93bc2ea46eda2fcfbf037b956099ada45
- SHA256
  
  71d4b153af014ac81576fb91bb97ef6c4640f0486f98c2e4c9bb15b87fb9df58
- SHA512
  
  6c3140c1d8dca2be8ad8eb6360318a8cef78e4f31fbee635f0870e0d2bb0f1679948da3b98af1282fe8d586f9f7c3d3a82016f522a1d1447b1e59158146caf31
- SSDEEP
  
  49152:XKU/ESvdaU+c0/IVes7kJXBjYOMjUfkptVxOdxiyh:XKU/xvzg/IVeMjUu5C
Score

6^/10

adware persistence stealer
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2