General

  • Target

    jre-8u221-windows-i586.exe

  • Size

    66.3MB

  • Sample

    220506-vmq4sachfn

  • MD5

    87fbb2392ce499f3873da0bd8711171e

  • SHA1

    f39e99c8480ab9feab4d872e8924599eeb5da398

  • SHA256

    42d7ae998d701fd6ab9d8bdf8df4a13915a4fb8429578c5a6c5a216e3873b63b

  • SHA512

    ac54870117799cd2a4dd4d18a3f865c695fecebeb0c0398df6f5cb5644aa0f651db4110cf0a8dac4dcae4ade7f0f47ef9835bf3fbb826ff588cfa43de2217b65

Score
8/10

Malware Config

Targets

    • Blocklisted process makes network request

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic           Technique                      Signatures  ID
  Persistence      Browser Extensions             1           T1176
  Defense Evasion  Modify Registry                2           T1112
  Discovery        Query Registry                 2           T1012
  Discovery        Peripheral Device Discovery    1           T1120
  Discovery        System Information Discovery   3           T1082

Tasks