Overview

overview

8

Static

static

6df0fa8b71...c6.exe

windows7-x64

8

6df0fa8b71...c6.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6df0fa8b714deb52b2cb2df9a850b3c58ce13b2c121c4ed01fedf6ae588e04c6

  • Size

    3.6MB

  • Sample

    221123-ve97pagh45

  • MD5

    004d4f824a30d29ef597349953815e14

  • SHA1

    5b60af1e57e315b4df33944811d8d1124e9d9110

  • SHA256

    6df0fa8b714deb52b2cb2df9a850b3c58ce13b2c121c4ed01fedf6ae588e04c6

  • SHA512

    838375f0d2360cb2697e593c4f6736302ddff578a7df9116e08723112b0ac9b6eea287d10874dd3b37571bc645be78ad893254187fc130ac231fe9f1e4353e11

  • SSDEEP

    98304:3K6hjE5CMqSC2pn6x8DsYrIaT5za7dBBNWAHWq:3KsjWCU4rWAH

Score
8/10
adwarediscoverypersistencespywarestealer

Malware Config

Targets

    • Target

      6df0fa8b714deb52b2cb2df9a850b3c58ce13b2c121c4ed01fedf6ae588e04c6

    • Size

      3.6MB

    • MD5

      004d4f824a30d29ef597349953815e14

    • SHA1

      5b60af1e57e315b4df33944811d8d1124e9d9110

    • SHA256

      6df0fa8b714deb52b2cb2df9a850b3c58ce13b2c121c4ed01fedf6ae588e04c6

    • SHA512

      838375f0d2360cb2697e593c4f6736302ddff578a7df9116e08723112b0ac9b6eea287d10874dd3b37571bc645be78ad893254187fc130ac231fe9f1e4353e11

    • SSDEEP

      98304:3K6hjE5CMqSC2pn6x8DsYrIaT5za7dBBNWAHWq:3KsjWCU4rWAH

    Score
    8/10
    adwarediscoverypersistencespywarestealer

    • Registers COM server for autorun

      persistence

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks