adeff06a2a25e6c6c0228a41b7bcef454b74fccc8b04f998de86018ce8534eb8 | Triage

Sharing

General

Target

bd6fcd9ab4d89c3f78d2d2c5731219a6
Size

128KB
Sample

240310-czv96aaf3y
MD5

bd6fcd9ab4d89c3f78d2d2c5731219a6
SHA1

5a47167d3818176c741554d2bfb5194919d76233
SHA256

adeff06a2a25e6c6c0228a41b7bcef454b74fccc8b04f998de86018ce8534eb8
SHA512

172c1fd8fb6b2ed163eccbe175615107c825cbad61839e821363c078f881275c769b4dbe7ae4a374c66f351a886d4baa3607e13b1d3912ab2017e777c5ae029f
SSDEEP

3072:EmeDmBqskJ9n49T6vDjEJupyGzb/8U9fxO27J0RzZgQKGprL:E8B+IopyGzz9zJ+l/xL

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  bd6fcd9ab4d89c3f78d2d2c5731219a6
- Size
  
  128KB
- MD5
  
  bd6fcd9ab4d89c3f78d2d2c5731219a6
- SHA1
  
  5a47167d3818176c741554d2bfb5194919d76233
- SHA256
  
  adeff06a2a25e6c6c0228a41b7bcef454b74fccc8b04f998de86018ce8534eb8
- SHA512
  
  172c1fd8fb6b2ed163eccbe175615107c825cbad61839e821363c078f881275c769b4dbe7ae4a374c66f351a886d4baa3607e13b1d3912ab2017e777c5ae029f
- SSDEEP
  
  3072:EmeDmBqskJ9n49T6vDjEJupyGzb/8U9fxO27J0RzZgQKGprL:E8B+IopyGzz9zJ+l/xL
Score

7^/10

adware discovery stealer
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer