64bef972934027f00ec1a01a5baa433667bddbe3c19b4bf1052c495fba280685 | Triage

Submit
Reports

Overview

overview

Static

static

8

64bef97293...85.exe

windows7_x64

64bef97293...85.exe

windows10-2004_x64

Sharing

General

Target

64bef972934027f00ec1a01a5baa433667bddbe3c19b4bf1052c495fba280685
Size

575KB
Sample

220427-tq884agecm
MD5

00cfbb694d085f45f188a860a07c9974
SHA1

ca35faa2c5c6d79e803814618940b1751154f44c
SHA256

64bef972934027f00ec1a01a5baa433667bddbe3c19b4bf1052c495fba280685
SHA512

b1aa9d7913a2978cc25f4c5f7725a6e5f0a5dac3eb580f6e1e2cb28caefa53015c206fe24f6f62cd435e469ca29095981f37ef142893ff0a96a25c57ce1aa997

Score

10^/10

adware persistence stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

64bef972934027f00ec1a01a5baa433667bddbe3c19b4bf1052c495fba280685.exe

Resource

win7-20220414-en

adware persistence stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

64bef972934027f00ec1a01a5baa433667bddbe3c19b4bf1052c495fba280685.exe

Resource

win10v2004-20220414-en

adware persistence stealer

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  64bef972934027f00ec1a01a5baa433667bddbe3c19b4bf1052c495fba280685
- Size
  
  575KB
- MD5
  
  00cfbb694d085f45f188a860a07c9974
- SHA1
  
  ca35faa2c5c6d79e803814618940b1751154f44c
- SHA256
  
  64bef972934027f00ec1a01a5baa433667bddbe3c19b4bf1052c495fba280685
- SHA512
  
  b1aa9d7913a2978cc25f4c5f7725a6e5f0a5dac3eb580f6e1e2cb28caefa53015c206fe24f6f62cd435e469ca29095981f37ef142893ff0a96a25c57ce1aa997
Score

10^/10

adware persistence stealer
- Modifies WinLogon for persistence
  persistence
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Winlogon Helper DLL

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

behavioral2

adwarepersistencestealer

© 2018-2024

Terms | Privacy