16e46e1a85f7f4fd6cdd82e7d21c8575032ca805ddab1cbd1e37c090382d4e8e | Triage

Sharing

General

Target

00e8d594cc7042a75f4c17574dab6ca1
Size

157KB
Sample

231229-xf1qrahac7
MD5

00e8d594cc7042a75f4c17574dab6ca1
SHA1

dcfe429621fef03b6baa7c9b50f11c1b4c5b1a72
SHA256

16e46e1a85f7f4fd6cdd82e7d21c8575032ca805ddab1cbd1e37c090382d4e8e
SHA512

40c837bf25d5cfcf936e20029c0818b84a496baf084eaa155e9a20b86ee9d495ec2237de41bdb39deed1c6b19c53d51d30f5b70a88decf67125022909eb473fa
SSDEEP

3072:3zE763lRqqZHxSin5Utei73qy7V9gqy4v5vS93:3/pZHcin5+3qyPrd+

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  00e8d594cc7042a75f4c17574dab6ca1
- Size
  
  157KB
- MD5
  
  00e8d594cc7042a75f4c17574dab6ca1
- SHA1
  
  dcfe429621fef03b6baa7c9b50f11c1b4c5b1a72
- SHA256
  
  16e46e1a85f7f4fd6cdd82e7d21c8575032ca805ddab1cbd1e37c090382d4e8e
- SHA512
  
  40c837bf25d5cfcf936e20029c0818b84a496baf084eaa155e9a20b86ee9d495ec2237de41bdb39deed1c6b19c53d51d30f5b70a88decf67125022909eb473fa
- SSDEEP
  
  3072:3zE763lRqqZHxSin5Utei73qy7V9gqy4v5vS93:3/pZHcin5+3qyPrd+
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer