Overview

overview

8

Static

static

fgf173.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fgf173.exe

  • Size

    3.1MB

  • Sample

    210610-4hdgqlqn4j

  • MD5

    aa87b7c2b72228d50368248accf4ea37

  • SHA1

    70c479dba1c5980ee68e60fadca2aa39e834ccd0

  • SHA256

    45bd8b9f26ffc735b39361c6579a45362fb177cb62c8fae6d3902c9834a10dea

  • SHA512

    2b0665f8516d4a0dc701f3b5c212bc348aaa66a5a3a54a89b2c75cf27961a96cb86fb05051b1a20be22475bbf365a6a353a3f1702eefad9090309259d838a798

Score
8/10
adwarediscoverystealer

Malware Config

Targets

    • Target

      fgf173.exe

    • Size

      3.1MB

    • MD5

      aa87b7c2b72228d50368248accf4ea37

    • SHA1

      70c479dba1c5980ee68e60fadca2aa39e834ccd0

    • SHA256

      45bd8b9f26ffc735b39361c6579a45362fb177cb62c8fae6d3902c9834a10dea

    • SHA512

      2b0665f8516d4a0dc701f3b5c212bc348aaa66a5a3a54a89b2c75cf27961a96cb86fb05051b1a20be22475bbf365a6a353a3f1702eefad9090309259d838a798

    Score
    8/10
    adwarediscoverystealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

1
T1176

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks