65b44ab06a930ae5c5850d8697d2c60e3a81d33d72acad60d393265f1e7b82b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46622c5a9457baf518e0e345b5727b8c
Size

439KB
Sample

231226-ar6ptadfej
MD5

46622c5a9457baf518e0e345b5727b8c
SHA1

2f281612e60b6b3f209a39586b43077720ebcd97
SHA256

65b44ab06a930ae5c5850d8697d2c60e3a81d33d72acad60d393265f1e7b82b4
SHA512

e40fbe216e9a4b6ab84a52a6608e6ec174c9842c1736399832553388d4e38defd42663061e483cb0977311b650087c6b86c289014da730585aeba26ae3902331
SSDEEP

6144:Ze34OxBLV0X1KW2Rj9MXWf6ZrZ9UdMZBvhealxBMykSngMmefBYv/l9j+7ZA0Xyt:OxBiQplfaI8ZlGefGXXjaZCBD

Score

7^/10

adware discovery spyware stealer

Malware Config

Targets

- Target
  
  46622c5a9457baf518e0e345b5727b8c
- Size
  
  439KB
- MD5
  
  46622c5a9457baf518e0e345b5727b8c
- SHA1
  
  2f281612e60b6b3f209a39586b43077720ebcd97
- SHA256
  
  65b44ab06a930ae5c5850d8697d2c60e3a81d33d72acad60d393265f1e7b82b4
- SHA512
  
  e40fbe216e9a4b6ab84a52a6608e6ec174c9842c1736399832553388d4e38defd42663061e483cb0977311b650087c6b86c289014da730585aeba26ae3902331
- SSDEEP
  
  6144:Ze34OxBLV0X1KW2Rj9MXWf6ZrZ9UdMZBvhealxBMykSngMmefBYv/l9j+7ZA0Xyt:OxBiQplfaI8ZlGefGXXjaZCBD
Score

7^/10

adware discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

adwarediscoveryspywarestealer