c6427b8dd566659d0a5da628aa0de440cd2c5f10ead810ade611d315b1ec88e1 | Triage

Sharing

General

Target

d440299f1563d72e0480848ff13d2102
Size

159KB
Sample

240318-xft8zafe59
MD5

d440299f1563d72e0480848ff13d2102
SHA1

8908ad0d2e2f86600ae3b838e8a00bd54d16739d
SHA256

c6427b8dd566659d0a5da628aa0de440cd2c5f10ead810ade611d315b1ec88e1
SHA512

685b2144e3c44270959d5ae8cc5de823d9a66e97d3ee7761375e9d81bfba42cd5f40fd1f36e967ed794030e44ca2cdbcb54770a1700b424d7ad03b87c5eb345a
SSDEEP

3072:QXxCpifDIe6JefbnZ9tUJ65fl+ESqYwLuyC3y4v50L:QhCpifDIA9tUJ65CqYpXXOL

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  d440299f1563d72e0480848ff13d2102
- Size
  
  159KB
- MD5
  
  d440299f1563d72e0480848ff13d2102
- SHA1
  
  8908ad0d2e2f86600ae3b838e8a00bd54d16739d
- SHA256
  
  c6427b8dd566659d0a5da628aa0de440cd2c5f10ead810ade611d315b1ec88e1
- SHA512
  
  685b2144e3c44270959d5ae8cc5de823d9a66e97d3ee7761375e9d81bfba42cd5f40fd1f36e967ed794030e44ca2cdbcb54770a1700b424d7ad03b87c5eb345a
- SSDEEP
  
  3072:QXxCpifDIe6JefbnZ9tUJ65fl+ESqYwLuyC3y4v50L:QhCpifDIA9tUJ65CqYpXXOL
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer