Overview

overview

8

Static

static

17a06b2523...38.exe

windows7-x64

8

17a06b2523...38.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    17a06b2523d6f2e60e0dbc7051f84f43a971b2e810020f43525228586e6f2938

  • Size

    2.1MB

  • Sample

    221123-3qe5pada43

  • MD5

    16b4f5069ff00c5deb8b5d5c4ca6e4bf

  • SHA1

    3f62252257b325e4e4ab9c6b21e477df16c7180a

  • SHA256

    17a06b2523d6f2e60e0dbc7051f84f43a971b2e810020f43525228586e6f2938

  • SHA512

    df8346eb01853efd3a81e02e756898e8568a7496165da47a6a9bd562116b4ad326fcd4e41621c321cbe55bc16509b4ec66b630dafe63f2db424dd069246cf96c

  • SSDEEP

    49152:h1OsBYIGWkf6jd9YMhKKumq+4oAczj/i6jgvb7GvKSV:h1OOdd9YMhKgq+4fC

Score
8/10
adwarediscoveryspywarestealer

Malware Config

Targets

    • Target

      17a06b2523d6f2e60e0dbc7051f84f43a971b2e810020f43525228586e6f2938

    • Size

      2.1MB

    • MD5

      16b4f5069ff00c5deb8b5d5c4ca6e4bf

    • SHA1

      3f62252257b325e4e4ab9c6b21e477df16c7180a

    • SHA256

      17a06b2523d6f2e60e0dbc7051f84f43a971b2e810020f43525228586e6f2938

    • SHA512

      df8346eb01853efd3a81e02e756898e8568a7496165da47a6a9bd562116b4ad326fcd4e41621c321cbe55bc16509b4ec66b630dafe63f2db424dd069246cf96c

    • SSDEEP

      49152:h1OsBYIGWkf6jd9YMhKKumq+4oAczj/i6jgvb7GvKSV:h1OOdd9YMhKgq+4fC

    Score
    8/10
    adwarediscoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks