521ebdd2c15fa93a29b8ee7288f7d5d2746d479d13052e126c753a4b10a595be | Triage

Sharing

General

Target

c2193a0ba432c2827dba896b308809cf
Size

192KB
Sample

240312-bqq4eabg9w
MD5

c2193a0ba432c2827dba896b308809cf
SHA1

a0022cf71daa96f2ed4a4ec41bf63f11853cdd49
SHA256

521ebdd2c15fa93a29b8ee7288f7d5d2746d479d13052e126c753a4b10a595be
SHA512

ec21365a3f626cda5a47c8efaa474653fa8edcfb188700cd864f1bcc1f268e9185303b526d66bbd074c6bb6d424554dde8ff4fc172af55c09a566bfad1dbbfba
SSDEEP

3072:e+mrh42ya4kcFoWZHlWzzXGOJlBpPlPlUAVa0Th+7dUchB6p:2rh42xcTHlrMXRlP9+7dd

Score

8^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  c2193a0ba432c2827dba896b308809cf
- Size
  
  192KB
- MD5
  
  c2193a0ba432c2827dba896b308809cf
- SHA1
  
  a0022cf71daa96f2ed4a4ec41bf63f11853cdd49
- SHA256
  
  521ebdd2c15fa93a29b8ee7288f7d5d2746d479d13052e126c753a4b10a595be
- SHA512
  
  ec21365a3f626cda5a47c8efaa474653fa8edcfb188700cd864f1bcc1f268e9185303b526d66bbd074c6bb6d424554dde8ff4fc172af55c09a566bfad1dbbfba
- SSDEEP
  
  3072:e+mrh42ya4kcFoWZHlWzzXGOJlBpPlPlUAVa0Th+7dUchB6p:2rh42xcTHlrMXRlP9+7dd
Score

8^/10

adware persistence stealer
- Sets file execution options in registry
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer