bdb0d5835a7fd3155236cf95f81f0040fcc985ce9507ccca47362189543d8e52 | Triage

Submit
Reports

Overview

overview

Static

static

8

bdb0d5835a...52.exe

windows7-x64

bdb0d5835a...52.exe

windows10-2004-x64

Sharing

General

Target

bdb0d5835a7fd3155236cf95f81f0040fcc985ce9507ccca47362189543d8e52
Size

9KB
Sample

220919-k15tzsdgaj
MD5

76dfc88564964733df36d7aab2f878e8
SHA1

db0f354e70c789bc42a05b4960438ae9d304b696
SHA256

bdb0d5835a7fd3155236cf95f81f0040fcc985ce9507ccca47362189543d8e52
SHA512

2807a878e13f29dd1822567d5b833dcc623a68740b0fa0fcfc49c70064e87b1884d8fc31e0ba15dd340c402d780f3ec5e1956850b156b2fd1be2f696aa993384
SSDEEP

192:eqyd2h6S44YvTDQAItHmKkZZQWRBvJcOYwB:eqyd2h6GGTDlIVmKo/RBxc6B

Score

10^/10

adware persistence stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

bdb0d5835a7fd3155236cf95f81f0040fcc985ce9507ccca47362189543d8e52.exe

Resource

win7-20220901-en

adware persistence stealer upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

bdb0d5835a7fd3155236cf95f81f0040fcc985ce9507ccca47362189543d8e52.exe

Resource

win10v2004-20220812-en

adware persistence stealer upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  bdb0d5835a7fd3155236cf95f81f0040fcc985ce9507ccca47362189543d8e52
- Size
  
  9KB
- MD5
  
  76dfc88564964733df36d7aab2f878e8
- SHA1
  
  db0f354e70c789bc42a05b4960438ae9d304b696
- SHA256
  
  bdb0d5835a7fd3155236cf95f81f0040fcc985ce9507ccca47362189543d8e52
- SHA512
  
  2807a878e13f29dd1822567d5b833dcc623a68740b0fa0fcfc49c70064e87b1884d8fc31e0ba15dd340c402d780f3ec5e1956850b156b2fd1be2f696aa993384
- SSDEEP
  
  192:eqyd2h6S44YvTDQAItHmKkZZQWRBvJcOYwB:eqyd2h6GGTDlIVmKo/RBxc6B
Score

10^/10

adware persistence stealer upx
- Modifies WinLogon for persistence
  persistence
- Modifies system executable filetype association
  persistence
- Drops file in Drivers directory
- Sets service image path in registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Change Default File Association

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealerupx

behavioral2

adwarepersistencestealerupx

© 2018-2025

Terms | Privacy