e3b2d97ffd27890bba269ffdeae2c0d30a5edfd499a7adee1f7156d6a121961c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

IDMan.exe
Size

5.2MB
Sample

240201-117atahddj
MD5

cc0833149c351dddeb1be96b7b88c2ae
SHA1

f93db8892388cc887ab5831005eac0eb3784257e
SHA256

e3b2d97ffd27890bba269ffdeae2c0d30a5edfd499a7adee1f7156d6a121961c
SHA512

4233170174f9cef8756d0e7f4e563f60a40e7f33e796949ad41e8bb3597e90814c4dacaa6eb66db4a6eeeb171f3df7473f9c96ce6e9bfabec6deb3c59fcd1be0
SSDEEP

98304:OPPSOs9BhzGMhP4SA6P18frP3wbzWFimaI7dlZPJ:+PSOs9BJaXgbzWFimaI7dlj

Score

7^/10

adware evasion persistence spyware stealer trojan

Malware Config

Targets

- Target
  
  IDMan.exe
- Size
  
  5.2MB
- MD5
  
  cc0833149c351dddeb1be96b7b88c2ae
- SHA1
  
  f93db8892388cc887ab5831005eac0eb3784257e
- SHA256
  
  e3b2d97ffd27890bba269ffdeae2c0d30a5edfd499a7adee1f7156d6a121961c
- SHA512
  
  4233170174f9cef8756d0e7f4e563f60a40e7f33e796949ad41e8bb3597e90814c4dacaa6eb66db4a6eeeb171f3df7473f9c96ce6e9bfabec6deb3c59fcd1be0
- SSDEEP
  
  98304:OPPSOs9BhzGMhP4SA6P18frP3wbzWFimaI7dlZPJ:+PSOs9BJaXgbzWFimaI7dlj
Score

7^/10

adware evasion persistence spyware stealer trojan
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwareevasionpersistencespywarestealertrojan