874a281111a8791c865b7dd7df94261ca355f04b68fdcda6c95b0860697fd443 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcc7bd371f6fa4f9bdf071d7615fc732
Size

192KB
Sample

240309-zpjjyaae6x
MD5

bcc7bd371f6fa4f9bdf071d7615fc732
SHA1

64cd37e97b216b17df51d35543b4077a8da32096
SHA256

874a281111a8791c865b7dd7df94261ca355f04b68fdcda6c95b0860697fd443
SHA512

2a40a1a39e57d61a31c55787be6e39aa7b2395fb72fce09f92d33fd9abb397be2ad7d4096fece3eb5d15954541daf804adb64c2662d1efbfada0ed700e23ef6d
SSDEEP

3072:RupaoCA9OCu2S/tjXhzlzzSoer4YsrRYR4Scj2UXE6f30u+0:ZEOCu2+VlnwMO47P0uN

Score

7^/10

adware stealer

Malware Config

Targets

- Target
  
  bcc7bd371f6fa4f9bdf071d7615fc732
- Size
  
  192KB
- MD5
  
  bcc7bd371f6fa4f9bdf071d7615fc732
- SHA1
  
  64cd37e97b216b17df51d35543b4077a8da32096
- SHA256
  
  874a281111a8791c865b7dd7df94261ca355f04b68fdcda6c95b0860697fd443
- SHA512
  
  2a40a1a39e57d61a31c55787be6e39aa7b2395fb72fce09f92d33fd9abb397be2ad7d4096fece3eb5d15954541daf804adb64c2662d1efbfada0ed700e23ef6d
- SSDEEP
  
  3072:RupaoCA9OCu2S/tjXhzlzzSoer4YsrRYR4Scj2UXE6f30u+0:ZEOCu2+VlnwMO47P0uN
Score

7^/10

adware stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2