f1a1664e0504f5a1575022dbdcfd19c6a5abdda6fb4a841e116b34b263e56495 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4fcd95e4645eac7c9f5687dbbcec2512
Size

653KB
Sample

231226-dv23ksffa8
MD5

4fcd95e4645eac7c9f5687dbbcec2512
SHA1

b64099e7dc392874ba08d31c8f8aeb1e3302603d
SHA256

f1a1664e0504f5a1575022dbdcfd19c6a5abdda6fb4a841e116b34b263e56495
SHA512

ddb68ff8e0ac386db6a389018f0cd69e72ad8c822b4dd61978a16c6cdd18af8d6f922957bbe8d3ac62b09ecfc13fbe57f2502b3d1e6c4d6d9826dae18cabe6d0
SSDEEP

12288:dhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcbNmEh:rRmJkcoQricOIQxiZY1WNmM

Score

10^/10

adware evasion stealer trojan

Malware Config

Targets

- Target
  
  4fcd95e4645eac7c9f5687dbbcec2512
- Size
  
  653KB
- MD5
  
  4fcd95e4645eac7c9f5687dbbcec2512
- SHA1
  
  b64099e7dc392874ba08d31c8f8aeb1e3302603d
- SHA256
  
  f1a1664e0504f5a1575022dbdcfd19c6a5abdda6fb4a841e116b34b263e56495
- SHA512
  
  ddb68ff8e0ac386db6a389018f0cd69e72ad8c822b4dd61978a16c6cdd18af8d6f922957bbe8d3ac62b09ecfc13fbe57f2502b3d1e6c4d6d9826dae18cabe6d0
- SSDEEP
  
  12288:dhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcbNmEh:rRmJkcoQricOIQxiZY1WNmM
Score

10^/10

adware evasion stealer trojan
- UAC bypass
  evasion trojan
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- AutoIT Executable
  AutoIT scripts compiled to PE executables.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

adwareevasionstealertrojan