Overview

overview

8

Static

static

79a26e8660...d4.exe

windows7_x64

8

79a26e8660...d4.exe

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    79a26e866056b45ca9df359c5585e5389b90c82ee2a4c860fc2c07570008a3d4

  • Size

    14KB

  • Sample

    220427-tryhzsgefk

  • MD5

    2cfb89b90f7a8b5d3c33c444352d8a6f

  • SHA1

    1d9ef3bf7537951f5734725c4f17035ed78497af

  • SHA256

    79a26e866056b45ca9df359c5585e5389b90c82ee2a4c860fc2c07570008a3d4

  • SHA512

    8508b539141fed6b547c67422546ab5b00bec1128fcf09acd1e37996df7484e153aa3f4d92e48fc489ab98c0cc16dbea7327aaf885f500e2f209e619c7d2072e

Score
8/10
adwarestealer

Malware Config

Targets

    • Target

      79a26e866056b45ca9df359c5585e5389b90c82ee2a4c860fc2c07570008a3d4

    • Size

      14KB

    • MD5

      2cfb89b90f7a8b5d3c33c444352d8a6f

    • SHA1

      1d9ef3bf7537951f5734725c4f17035ed78497af

    • SHA256

      79a26e866056b45ca9df359c5585e5389b90c82ee2a4c860fc2c07570008a3d4

    • SHA512

      8508b539141fed6b547c67422546ab5b00bec1128fcf09acd1e37996df7484e153aa3f4d92e48fc489ab98c0cc16dbea7327aaf885f500e2f209e619c7d2072e

    Score
    8/10
    adwarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

1
T1176

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks