05c59dd122d4b8fef678f9d4e6bb61afd4daa9024882a2233a1cffc30c1d5eb5 | Triage

Submit
Reports

Overview

overview

8

Static

static

05c59dd122...b5.exe

windows7-x64

8

05c59dd122...b5.exe

windows10-2004-x64

8

Sharing

General

Target

05c59dd122d4b8fef678f9d4e6bb61afd4daa9024882a2233a1cffc30c1d5eb5
Size

341KB
Sample

221123-vxm5wadb8v
MD5

45fe7afd40e5c90ef95cb67b0647bcf9
SHA1

2eaa024a92658b2ffb09e2e20a13c284e64c19d4
SHA256

05c59dd122d4b8fef678f9d4e6bb61afd4daa9024882a2233a1cffc30c1d5eb5
SHA512

5571ec0ab9c41b1eede6d3d5e8331c53fdbd568de73987447e75cf0ffcb8e55e8bc88b22280a27ee4aa15544d10304f02208c182aafdc1c7f16fbb0e0c501072
SSDEEP

6144:bTfFDbRnOTrAZJzeC/c3ikR1W1rLrUNl8Y4PYsL9xiCZIWDq:d5ObC/cyJrLUlMAQ9xuz

Score

8^/10

adware stealer

Static task

static1

Behavioral task

behavioral1

Sample

05c59dd122d4b8fef678f9d4e6bb61afd4daa9024882a2233a1cffc30c1d5eb5.exe

Resource

win7-20220812-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

05c59dd122d4b8fef678f9d4e6bb61afd4daa9024882a2233a1cffc30c1d5eb5.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  05c59dd122d4b8fef678f9d4e6bb61afd4daa9024882a2233a1cffc30c1d5eb5
- Size
  
  341KB
- MD5
  
  45fe7afd40e5c90ef95cb67b0647bcf9
- SHA1
  
  2eaa024a92658b2ffb09e2e20a13c284e64c19d4
- SHA256
  
  05c59dd122d4b8fef678f9d4e6bb61afd4daa9024882a2233a1cffc30c1d5eb5
- SHA512
  
  5571ec0ab9c41b1eede6d3d5e8331c53fdbd568de73987447e75cf0ffcb8e55e8bc88b22280a27ee4aa15544d10304f02208c182aafdc1c7f16fbb0e0c501072
- SSDEEP
  
  6144:bTfFDbRnOTrAZJzeC/c3ikR1W1rLrUNl8Y4PYsL9xiCZIWDq:d5ObC/cyJrLUlMAQ9xuz
Score

8^/10

adware stealer
- Executes dropped EXE
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy