bc002c287bb05794c29ea723082e03f0508231e6f47c0a0050b7ab80dd1add59 | Triage

Submit
Reports

Overview

overview

Static

static

sorttable....oad.js

windows7_x64

sorttable....oad.js

windows10_x64

1

Sharing

General

Target

sorttable.js.download
Size

6KB
Sample

200925-qbtj4ata1x
MD5

5df8ca6561930c664aadfcd9173f9a6f
SHA1

9025e4033e1a824cad7f13eddb3b5a7dfe54c3c2
SHA256

bc002c287bb05794c29ea723082e03f0508231e6f47c0a0050b7ab80dd1add59
SHA512

9aef08446911246e219415a51252ab2361a6c560e22adc49590ea812995b3bf9d02c7a9fa386ab270500a0a55af2e2d116640f84b51a4549ee8497764eed81a6

Score

10^/10

adware discovery persistence stealer

Static task

static1

Behavioral task

behavioral1

Sample

sorttable.js.download.js

Resource

win7

persistence stealer adware discovery

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

sorttable.js.download.js

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  sorttable.js.download
- Size
  
  6KB
- MD5
  
  5df8ca6561930c664aadfcd9173f9a6f
- SHA1
  
  9025e4033e1a824cad7f13eddb3b5a7dfe54c3c2
- SHA256
  
  bc002c287bb05794c29ea723082e03f0508231e6f47c0a0050b7ab80dd1add59
- SHA512
  
  9aef08446911246e219415a51252ab2361a6c560e22adc49590ea812995b3bf9d02c7a9fa386ab270500a0a55af2e2d116640f84b51a4549ee8497764eed81a6
Score

10^/10

persistence stealer adware discovery
- Registers COM server for autorun
  persistence
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Modifies service
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Browser Extensions

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencestealeradwarediscovery

behavioral2

© 2018-2024

Terms | Privacy