5e1335764074467bd080047e11fe321f7ad09b1e8d650f713ec30f543325a85c | Triage

Submit
Reports

Overview

overview

Static

static

8

5e13357640...5c.exe

windows7-x64

5e13357640...5c.exe

windows10-2004-x64

Sharing

General

Target

5e1335764074467bd080047e11fe321f7ad09b1e8d650f713ec30f543325a85c
Size

1.0MB
Sample

221020-ty8mjadeg2
MD5

a085c8096ecc69bf9c5fea84647f259e
SHA1

4a04c249f312b87031b7657f85a5c5bed938fcf4
SHA256

5e1335764074467bd080047e11fe321f7ad09b1e8d650f713ec30f543325a85c
SHA512

d06fbdbda7d99dabf48f538bc9e262ce67c7665264aa65d9becd6ca4572f1e48e2b7f09575c7ddc468cf27060abbf00568d510e923d0309dec4ed711972a24b5
SSDEEP

12288:Cb5syS5Z5Z5sy/yS5Z5Z5Z5B+G5Z5Z5B1y/yS5Z5Z5Z5sy/nNy/y/yS5sy/y/y/g:QeaS0aKfcaa2aaaaa2s

Score

10^/10

adware persistence stealer upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5e1335764074467bd080047e11fe321f7ad09b1e8d650f713ec30f543325a85c.exe

Resource

win7-20220812-en

adware persistence stealer upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

5e1335764074467bd080047e11fe321f7ad09b1e8d650f713ec30f543325a85c.exe

Resource

win10v2004-20220812-en

adware persistence stealer upx

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  5e1335764074467bd080047e11fe321f7ad09b1e8d650f713ec30f543325a85c
- Size
  
  1.0MB
- MD5
  
  a085c8096ecc69bf9c5fea84647f259e
- SHA1
  
  4a04c249f312b87031b7657f85a5c5bed938fcf4
- SHA256
  
  5e1335764074467bd080047e11fe321f7ad09b1e8d650f713ec30f543325a85c
- SHA512
  
  d06fbdbda7d99dabf48f538bc9e262ce67c7665264aa65d9becd6ca4572f1e48e2b7f09575c7ddc468cf27060abbf00568d510e923d0309dec4ed711972a24b5
- SSDEEP
  
  12288:Cb5syS5Z5Z5sy/yS5Z5Z5Z5B+G5Z5Z5B1y/yS5Z5Z5Z5sy/nNy/y/yS5sy/y/y/g:QeaS0aKfcaa2aaaaa2s
Score

10^/10

adware persistence stealer upx
- Modifies WinLogon for persistence
  persistence
- Modifies system executable filetype association
  persistence
- Drops file in Drivers directory
- Sets service image path in registry
  persistence
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Modifies WinLogon
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Change Default File Association

Registry Run Keys / Startup Folder

Winlogon Helper DLL

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealerupx

behavioral2

adwarepersistencestealerupx

© 2018-2025

Terms | Privacy