2757657d1bfa20dfeda4e34807d215fbfcc9b40d7715f0748cc5313c02b2e048 | Triage

Sharing

General

Target

194e7b8cc5c4a79afcec6dbc7386df7c
Size

58KB
Sample

231230-p889ladcep
MD5

194e7b8cc5c4a79afcec6dbc7386df7c
SHA1

8cc4647565b2706a4aa48a21cfca1389302afffb
SHA256

2757657d1bfa20dfeda4e34807d215fbfcc9b40d7715f0748cc5313c02b2e048
SHA512

5b5ea4b8561cab21eab3cc98a85c35426a1cd2fdaf607bfad2fef3ef1d455d19cb2a9b0e823dc83e799fccead128ffaefb723a80954e927f86e208b2c773b22d
SSDEEP

1536:/SuAHAhOI6Cv0gg2szO/71mbXKLSEky9t/9:0HAhOI6pgghi/x8XeV9f

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  194e7b8cc5c4a79afcec6dbc7386df7c
- Size
  
  58KB
- MD5
  
  194e7b8cc5c4a79afcec6dbc7386df7c
- SHA1
  
  8cc4647565b2706a4aa48a21cfca1389302afffb
- SHA256
  
  2757657d1bfa20dfeda4e34807d215fbfcc9b40d7715f0748cc5313c02b2e048
- SHA512
  
  5b5ea4b8561cab21eab3cc98a85c35426a1cd2fdaf607bfad2fef3ef1d455d19cb2a9b0e823dc83e799fccead128ffaefb723a80954e927f86e208b2c773b22d
- SSDEEP
  
  1536:/SuAHAhOI6Cv0gg2szO/71mbXKLSEky9t/9:0HAhOI6pgghi/x8XeV9f
Score

7^/10

adware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Deletes itself
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2