General

  • Target

    1ab01e3e847dbe7f9e301c5a8e978fc3cd998e917e2ee20e6704ef21dc991c46

  • Size

    2.1MB

  • Sample

    221123-1317ksbh81

  • MD5

    25258476639a05ab42b5834520172970

  • SHA1

    3b6f675e0c0bbcb0ddb7470e3e544d465c2fbf80

  • SHA256

    1ab01e3e847dbe7f9e301c5a8e978fc3cd998e917e2ee20e6704ef21dc991c46

  • SHA512

    05ee6e20b418326f1fd71874c96c1449b0256c7449f816f3bc10f6a714e5158062d4f0c067bf8764ee5c2bf03275776f6bfd148460b021fc3809433d699cf9ae

  • SSDEEP

    49152:h1OsikMyJo5w3LMa3PYN7i8Y0qKTsab0/:h1OHk/vnYdix

Malware Config

Targets

    • Target

      1ab01e3e847dbe7f9e301c5a8e978fc3cd998e917e2ee20e6704ef21dc991c46

    • Size

      2.1MB

    • MD5

      25258476639a05ab42b5834520172970

    • SHA1

      3b6f675e0c0bbcb0ddb7470e3e544d465c2fbf80

    • SHA256

      1ab01e3e847dbe7f9e301c5a8e978fc3cd998e917e2ee20e6704ef21dc991c46

    • SHA512

      05ee6e20b418326f1fd71874c96c1449b0256c7449f816f3bc10f6a714e5158062d4f0c067bf8764ee5c2bf03275776f6bfd148460b021fc3809433d699cf9ae

    • SSDEEP

      49152:h1OsikMyJo5w3LMa3PYN7i8Y0qKTsab0/:h1OHk/vnYdix

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v6

Tasks