a21245d134b7feadb36765bdd9cd6e31933fe8c3e29482d77ec3052b0b3a2593 | Triage

Sharing

General

Target

4aecbe394861e9f895aca5ca24e05b55
Size

25KB
Sample

240108-j88eeafbd7
MD5

4aecbe394861e9f895aca5ca24e05b55
SHA1

c392edd79f08e84cfddf0ab67240d472e474cce6
SHA256

a21245d134b7feadb36765bdd9cd6e31933fe8c3e29482d77ec3052b0b3a2593
SHA512

a625ce04181db4b8604ddb108d379d4af3efa991bf6cb658eaf855680dc268713d016fd72b048707bc026a3b2b0066650d1a502d76eb8bbfbae385fd89b295f8
SSDEEP

384:yPaCpRN9C3pTQE4xP31AlZQkcCd1gAUmGmDAixogZdLF5OlkJhYPTGs2kBH:4Zp43pL4xPvUHUmGGAwoORJUTekx

Score

7^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  4aecbe394861e9f895aca5ca24e05b55
- Size
  
  25KB
- MD5
  
  4aecbe394861e9f895aca5ca24e05b55
- SHA1
  
  c392edd79f08e84cfddf0ab67240d472e474cce6
- SHA256
  
  a21245d134b7feadb36765bdd9cd6e31933fe8c3e29482d77ec3052b0b3a2593
- SHA512
  
  a625ce04181db4b8604ddb108d379d4af3efa991bf6cb658eaf855680dc268713d016fd72b048707bc026a3b2b0066650d1a502d76eb8bbfbae385fd89b295f8
- SSDEEP
  
  384:yPaCpRN9C3pTQE4xP31AlZQkcCd1gAUmGmDAixogZdLF5OlkJhYPTGs2kBH:4Zp43pL4xPvUHUmGGAwoORJUTekx
Score

7^/10

adware persistence stealer
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Modifies WinLogon
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer