24f1d9809f97f72490b730cb4373b4cf03d8d0b5fe4d4f0d447b591fdd2254cf | Triage

Sharing

General

Target

16ff223a0b3a0111f7a4dbab4638981c
Size

192KB
Sample

231230-nfpttaabd6
MD5

16ff223a0b3a0111f7a4dbab4638981c
SHA1

cc845066f5cc97926f1ee01d9eb1e6d1a78a8e58
SHA256

24f1d9809f97f72490b730cb4373b4cf03d8d0b5fe4d4f0d447b591fdd2254cf
SHA512

cb3b964f02ceb32a1100ed51aa79e6131db97c38ab3281a6a1c10f58bad2992fd3f6bdccd57e695a236d459d8a8539cb18d3b3760f58bafd69fff059f3791c2d
SSDEEP

3072:gQ7pWdHCS+lwr3D1LeAOGGuL2+MSpFRW+nE28GwGlEdUcKGvx6:gYWdHCSX1LWGGuC3Spq285GlEdGGp6

Score

8^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  16ff223a0b3a0111f7a4dbab4638981c
- Size
  
  192KB
- MD5
  
  16ff223a0b3a0111f7a4dbab4638981c
- SHA1
  
  cc845066f5cc97926f1ee01d9eb1e6d1a78a8e58
- SHA256
  
  24f1d9809f97f72490b730cb4373b4cf03d8d0b5fe4d4f0d447b591fdd2254cf
- SHA512
  
  cb3b964f02ceb32a1100ed51aa79e6131db97c38ab3281a6a1c10f58bad2992fd3f6bdccd57e695a236d459d8a8539cb18d3b3760f58bafd69fff059f3791c2d
- SSDEEP
  
  3072:gQ7pWdHCS+lwr3D1LeAOGGuL2+MSpFRW+nE28GwGlEdUcKGvx6:gYWdHCSX1LWGGuC3Spq285GlEdGGp6
Score

8^/10

adware persistence stealer
- Sets file execution options in registry
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer