General

  • Target

    adaec2245a4b01d2ff9f68260ed9a3ce9ce6754b22a0032d3812e00472a925bb

  • Size

    76KB

  • Sample

    221011-dgsa8acagk

  • MD5

    7ba912af2aef3afb969f67f5afc9a6d0

  • SHA1

    522af879ba9b007f48d69ef6888739022addab84

  • SHA256

    adaec2245a4b01d2ff9f68260ed9a3ce9ce6754b22a0032d3812e00472a925bb

  • SHA512

    b3f1f6d0576bbbe4da78e13c99d452ef6cbb4b9912123e11cf430678bc35f3a61d2b7471f30b44f1c6e36f3cfb553fd90bca958e6d570dd89a877dcbff30a706

  • SSDEEP

    768:jxDI8Nwl34ETcpcbCgHjSJ070vvLXmJuBGNgj5mMjI1t0cT4qf7hOZR6f6Y:jxDXwTQcbCg29nLXcu8h7hOZRhY

Targets

    • Target

      adaec2245a4b01d2ff9f68260ed9a3ce9ce6754b22a0032d3812e00472a925bb

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
