3ec4ff39f06bf8b6e8201a31f102fc732a32ca545d7d338d832e1044d4557762 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

50d0d9c519640847eefb9f1bfee5b573
Size

6.7MB
Sample

231226-d5qsashch4
MD5

50d0d9c519640847eefb9f1bfee5b573
SHA1

026b7aafed3875c92dc9b7afd31696e2cf1e0fbc
SHA256

3ec4ff39f06bf8b6e8201a31f102fc732a32ca545d7d338d832e1044d4557762
SHA512

44246d76c95e50c120df65bb7bad979a77768e1f8aeba5c97bbb0b4da6748f379a59b524f99fa4bc6346725156132b2ff8efa4b58591f13d5a53ba88ca4a8e7c
SSDEEP

196608:BUAMkAg8PgPz+WXdkAjNyS53csFxVzL/ppb7fzg:BUAMkAg84hXdD37ppbfg

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  50d0d9c519640847eefb9f1bfee5b573
- Size
  
  6.7MB
- MD5
  
  50d0d9c519640847eefb9f1bfee5b573
- SHA1
  
  026b7aafed3875c92dc9b7afd31696e2cf1e0fbc
- SHA256
  
  3ec4ff39f06bf8b6e8201a31f102fc732a32ca545d7d338d832e1044d4557762
- SHA512
  
  44246d76c95e50c120df65bb7bad979a77768e1f8aeba5c97bbb0b4da6748f379a59b524f99fa4bc6346725156132b2ff8efa4b58591f13d5a53ba88ca4a8e7c
- SSDEEP
  
  196608:BUAMkAg8PgPz+WXdkAjNyS53csFxVzL/ppb7fzg:BUAMkAg84hXdD37ppbfg
Score

7^/10

adware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2