00aa13b3788c9bf88660754cd421ebb5b3e18e1ecc83f1867e3920c221d255fc | Triage

Submit
Reports

Overview

overview

9

Static

static

00aa13b378...fc.exe

windows7_x64

9

00aa13b378...fc.exe

windows10-2004_x64

9

Sharing

General

Target

00aa13b3788c9bf88660754cd421ebb5b3e18e1ecc83f1867e3920c221d255fc
Size

255KB
Sample

220524-p5e7caeffp
MD5

08475328d0280e8fc7900b7d3b9c2e59
SHA1

e026c24e9fc03905675a1cdd6909f84316a948e9
SHA256

00aa13b3788c9bf88660754cd421ebb5b3e18e1ecc83f1867e3920c221d255fc
SHA512

46ce51655e31a63424b1ebb747411f787bc71115e5818af8ac0a7f9235d11b3fab2ff28ccea97a5572a2c76f4da55a9292e54b11e92cc903f385f7d9359f2f47

Score

9^/10

adware discovery spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

00aa13b3788c9bf88660754cd421ebb5b3e18e1ecc83f1867e3920c221d255fc.exe

Resource

win7-20220414-en

adware discovery spyware stealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

00aa13b3788c9bf88660754cd421ebb5b3e18e1ecc83f1867e3920c221d255fc.exe

Resource

win10v2004-20220414-en

adware discovery spyware stealer upx

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  00aa13b3788c9bf88660754cd421ebb5b3e18e1ecc83f1867e3920c221d255fc
- Size
  
  255KB
- MD5
  
  08475328d0280e8fc7900b7d3b9c2e59
- SHA1
  
  e026c24e9fc03905675a1cdd6909f84316a948e9
- SHA256
  
  00aa13b3788c9bf88660754cd421ebb5b3e18e1ecc83f1867e3920c221d255fc
- SHA512
  
  46ce51655e31a63424b1ebb747411f787bc71115e5818af8ac0a7f9235d11b3fab2ff28ccea97a5572a2c76f4da55a9292e54b11e92cc903f385f7d9359f2f47
Score

9^/10

adware discovery spyware stealer upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops Chrome extension
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarediscoveryspywarestealerupx

behavioral2

adwarediscoveryspywarestealerupx

© 2018-2024

Terms | Privacy