711ecd58b20ba40477c163ca8911bbb6bff6e8b7da00eff0d2a243a0a445b36f | Triage

Sharing

General

Target

711ecd58b20ba40477c163ca8911bbb6bff6e8b7da00eff0d2a243a0a445b36fN
Size

551KB
Sample

241005-yljj4awarc
MD5

0bb763dd35b125dc5cfd8c2c29ccb4b0
SHA1

be724e74963b96b5a03e509606c077582e279e5b
SHA256

711ecd58b20ba40477c163ca8911bbb6bff6e8b7da00eff0d2a243a0a445b36f
SHA512

b3ea367ac4f13f6cd037f0ad00eb75cc3c2c6e23ef77bee6b3d4f2053630ff311fcd7e9b17436153ccb4410eaffb51652cc704ccaeadf55f6fbd0b1f005b5112
SSDEEP

12288:h1OgLdaOWgbJuMmFcouJqkXWctn+MEfOK:h1OYdaOWgJHJJqkXtMOK

Score

7^/10

adware discovery stealer

Malware Config

Targets

- Target
  
  711ecd58b20ba40477c163ca8911bbb6bff6e8b7da00eff0d2a243a0a445b36fN
- Size
  
  551KB
- MD5
  
  0bb763dd35b125dc5cfd8c2c29ccb4b0
- SHA1
  
  be724e74963b96b5a03e509606c077582e279e5b
- SHA256
  
  711ecd58b20ba40477c163ca8911bbb6bff6e8b7da00eff0d2a243a0a445b36f
- SHA512
  
  b3ea367ac4f13f6cd037f0ad00eb75cc3c2c6e23ef77bee6b3d4f2053630ff311fcd7e9b17436153ccb4410eaffb51652cc704ccaeadf55f6fbd0b1f005b5112
- SSDEEP
  
  12288:h1OgLdaOWgbJuMmFcouJqkXWctn+MEfOK:h1OYdaOWgJHJJqkXtMOK
Score

7^/10

adware discovery stealer
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoverystealer

behavioral2

adwarediscoverystealer