c28a377d9093de3473e14a1a0ce0cb51d3d46b357872ca84a0625697f7f06a72 | Triage

Submit
Reports

Overview

overview

8

Static

static

8

e6bd3c80fb...ir.exe

windows10_x64

8

Sharing

General

Target

e6bd3c80fbe81bbddd0ce095c4efa2ed.exe.vir
Size

2.3MB
Sample

211215-e5yctaggb6
MD5

e6bd3c80fbe81bbddd0ce095c4efa2ed
SHA1

5701bf12ad277b42bd951adfc3e57c5d6c4f8b64
SHA256

c28a377d9093de3473e14a1a0ce0cb51d3d46b357872ca84a0625697f7f06a72
SHA512

6a2d615af205c828992f76f27e0f7bf8a743bbfe1f91853b3fe9d034470c2c00d43591ad44112f41e599704e85c98fc2f11bc35d4dbec668b1d1d63dca1548a8

Score

8^/10

adware evasion persistence spyware stealer trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

e6bd3c80fbe81bbddd0ce095c4efa2ed.exe.vir.exe

Resource

win10-en-20211208

adware evasion persistence spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  e6bd3c80fbe81bbddd0ce095c4efa2ed.exe.vir
- Size
  
  2.3MB
- MD5
  
  e6bd3c80fbe81bbddd0ce095c4efa2ed
- SHA1
  
  5701bf12ad277b42bd951adfc3e57c5d6c4f8b64
- SHA256
  
  c28a377d9093de3473e14a1a0ce0cb51d3d46b357872ca84a0625697f7f06a72
- SHA512
  
  6a2d615af205c828992f76f27e0f7bf8a743bbfe1f91853b3fe9d034470c2c00d43591ad44112f41e599704e85c98fc2f11bc35d4dbec668b1d1d63dca1548a8
Score

8^/10

adware evasion persistence spyware stealer trojan
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwareevasionpersistencespywarestealertrojan

© 2018-2024

Terms | Privacy