83a4b08071ee6829a9c420e1c37ea767d986318a18fd937833fe43199d07c9a7 | Triage

Sharing

General

Target

e0786cfd02889f5cf8e98b648eb6863f
Size

891KB
Sample

240327-b44awshe22
MD5

e0786cfd02889f5cf8e98b648eb6863f
SHA1

22b9d971c7fdea19904c96ef4ffae5f6540cbd10
SHA256

83a4b08071ee6829a9c420e1c37ea767d986318a18fd937833fe43199d07c9a7
SHA512

0fc78c7d9482cb3e41866b768c9155a19fc184354470368db518c95c141ec220a042fc7eb93383dc1b341abb73fa9f8a7d45d8fffcdcd3018e4603dd873dea35
SSDEEP

24576:4ksNHkWxFfLAb87n+GyiTP/NwG7ZgqAc:zexFjAoHTiG7ZgTc

Score

6^/10

adware persistence stealer

Malware Config

Targets

- Target
  
  e0786cfd02889f5cf8e98b648eb6863f
- Size
  
  891KB
- MD5
  
  e0786cfd02889f5cf8e98b648eb6863f
- SHA1
  
  22b9d971c7fdea19904c96ef4ffae5f6540cbd10
- SHA256
  
  83a4b08071ee6829a9c420e1c37ea767d986318a18fd937833fe43199d07c9a7
- SHA512
  
  0fc78c7d9482cb3e41866b768c9155a19fc184354470368db518c95c141ec220a042fc7eb93383dc1b341abb73fa9f8a7d45d8fffcdcd3018e4603dd873dea35
- SSDEEP
  
  24576:4ksNHkWxFfLAb87n+GyiTP/NwG7ZgqAc:zexFjAoHTiG7ZgTc
Score

6^/10

adware persistence stealer
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2