c76c9f67cefd043d944fd56e805c3480c572a4a2064c87ed350ae47fe764d4f6 | Triage

Sharing

General

Target

899d4faaf51b5681ff07f015589e71ec
Size

154KB
Sample

240202-qllqfshcap
MD5

899d4faaf51b5681ff07f015589e71ec
SHA1

879adcea0eeaf32a99076383078aeba4e4bcc04f
SHA256

c76c9f67cefd043d944fd56e805c3480c572a4a2064c87ed350ae47fe764d4f6
SHA512

800955970d33ab08d109deaa41047f256e8d835a5a78f415446f4b9f92d7705fb8889c9c7c5f6c4f941cb16a88f8165e5092f8461d95a14539e22cdc163fd383
SSDEEP

3072:u1J/bW6aO6nq4OPePS0k363jJNpLhppRVGaq5yUj5Km:GcOxfP4S0+MJfLv7Vyom

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  899d4faaf51b5681ff07f015589e71ec
- Size
  
  154KB
- MD5
  
  899d4faaf51b5681ff07f015589e71ec
- SHA1
  
  879adcea0eeaf32a99076383078aeba4e4bcc04f
- SHA256
  
  c76c9f67cefd043d944fd56e805c3480c572a4a2064c87ed350ae47fe764d4f6
- SHA512
  
  800955970d33ab08d109deaa41047f256e8d835a5a78f415446f4b9f92d7705fb8889c9c7c5f6c4f941cb16a88f8165e5092f8461d95a14539e22cdc163fd383
- SSDEEP
  
  3072:u1J/bW6aO6nq4OPePS0k363jJNpLhppRVGaq5yUj5Km:GcOxfP4S0+MJfLv7Vyom
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer