98f191c981dca6f7960967d4ddff3fdbdd3d375336104b2299bc2a3db0dac358 | Triage

Sharing

General

Target

443001e7ab2e4ff13124b10e437c586b
Size

174KB
Sample

240105-xldheaaad6
MD5

443001e7ab2e4ff13124b10e437c586b
SHA1

76c2555d00a8a9061e317c91d55ecf275507c3e3
SHA256

98f191c981dca6f7960967d4ddff3fdbdd3d375336104b2299bc2a3db0dac358
SHA512

1bef4e11fa8b2cc828c8dd15d8cb7c330c9513a29a3b89338123e46e0dec93d60dd5e66f402a0bcbaa3f7440ae2b84de25a5fb88359d4ad9b336747a4b361f7f
SSDEEP

3072:x8f6O57wtzUcLD+Mm0UHCzrJ7XEloL3P+CyDubySak51P:uZ58tz8HqrDRySJacP

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  443001e7ab2e4ff13124b10e437c586b
- Size
  
  174KB
- MD5
  
  443001e7ab2e4ff13124b10e437c586b
- SHA1
  
  76c2555d00a8a9061e317c91d55ecf275507c3e3
- SHA256
  
  98f191c981dca6f7960967d4ddff3fdbdd3d375336104b2299bc2a3db0dac358
- SHA512
  
  1bef4e11fa8b2cc828c8dd15d8cb7c330c9513a29a3b89338123e46e0dec93d60dd5e66f402a0bcbaa3f7440ae2b84de25a5fb88359d4ad9b336747a4b361f7f
- SSDEEP
  
  3072:x8f6O57wtzUcLD+Mm0UHCzrJ7XEloL3P+CyDubySak51P:uZ58tz8HqrDRySJacP
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer