6bc5ae29096c6fc96709814121702d45d9af056cc7ec4664855a207492034c8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6577470b6a8e5f22e4025818a1c63dc2
Size

204KB
Sample

240118-tnr7ssdafp
MD5

6577470b6a8e5f22e4025818a1c63dc2
SHA1

4aca875947464da06dd5e37773f9ba791e86226b
SHA256

6bc5ae29096c6fc96709814121702d45d9af056cc7ec4664855a207492034c8b
SHA512

dca4ccaca5f96cfb8231448c99b3dc20d637e3b40ab16bc0fd79d7ef7b97182a329a4eca316c907c3e3b581a6aa0c2500830ea3f0f0e3713f812605eac627a6e
SSDEEP

3072:BzNvwrV9W3xSsaaD+K7kaJWsT1GRxOPguUT3xyQttbuuZwvxRt+:BzNvwrqanKoadT18g+3RdQ+

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  6577470b6a8e5f22e4025818a1c63dc2
- Size
  
  204KB
- MD5
  
  6577470b6a8e5f22e4025818a1c63dc2
- SHA1
  
  4aca875947464da06dd5e37773f9ba791e86226b
- SHA256
  
  6bc5ae29096c6fc96709814121702d45d9af056cc7ec4664855a207492034c8b
- SHA512
  
  dca4ccaca5f96cfb8231448c99b3dc20d637e3b40ab16bc0fd79d7ef7b97182a329a4eca316c907c3e3b581a6aa0c2500830ea3f0f0e3713f812605eac627a6e
- SSDEEP
  
  3072:BzNvwrV9W3xSsaaD+K7kaJWsT1GRxOPguUT3xyQttbuuZwvxRt+:BzNvwrqanKoadT18g+3RdQ+
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer