Overview

overview

7

Static

static

00b97a7b63...e2.exe

windows7_x64

1

00b97a7b63...e2.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    00b97a7b631b65ba2bf9973a8cc4f81e6ab49598c686d1a1fdeb0ff9f1a167e2

  • Size

    5.4MB

  • Sample

    220524-ps7e3aaee8

  • MD5

    f7f7d57bfc7bd06c8daef041f34c62a2

  • SHA1

    a610bea3f8e7d6a69a35930fcd0a4fbee1d681d8

  • SHA256

    00b97a7b631b65ba2bf9973a8cc4f81e6ab49598c686d1a1fdeb0ff9f1a167e2

  • SHA512

    5be894e15d0ebc985431b2236945ebc33db46e29c6c3b7f647add6b301e88a8fd76168146a40ea3098e72abcf0c06fa9586cbc600114107d95d71a13bc47b8f1

Score
7/10
adwarestealer

Malware Config

Targets

    • Target

      00b97a7b631b65ba2bf9973a8cc4f81e6ab49598c686d1a1fdeb0ff9f1a167e2

    • Size

      5.4MB

    • MD5

      f7f7d57bfc7bd06c8daef041f34c62a2

    • SHA1

      a610bea3f8e7d6a69a35930fcd0a4fbee1d681d8

    • SHA256

      00b97a7b631b65ba2bf9973a8cc4f81e6ab49598c686d1a1fdeb0ff9f1a167e2

    • SHA512

      5be894e15d0ebc985431b2236945ebc33db46e29c6c3b7f647add6b301e88a8fd76168146a40ea3098e72abcf0c06fa9586cbc600114107d95d71a13bc47b8f1

    Score
    7/10
    adwarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

1
T1176

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks