General

  • Target

    6e9db07a0515e2d6cb6edc13785fc11472afb02d289c5d384ff40fea37f349c4

  • Size

    4.4MB

  • Sample

    221124-gqr9csdb93

  • MD5

    dbed8056ed2389c2de81f332a88f0f2a

  • SHA1

    5568fd6d8f809fbec6832951997c60cd15fe0e86

  • SHA256

    6e9db07a0515e2d6cb6edc13785fc11472afb02d289c5d384ff40fea37f349c4

  • SHA512

    5910bccdd148c3cd68415f06664faa21d678630351c24c034a9ff3e3f73b0b790b8ac20671a202e5be5ced828659b77bc18d29cb48c0f97163171ce19cd981d7

  • SSDEEP

    49152:NW80dm9/XOUkRx9zxup4HdGKvghxfki1Zc7SKBjSlM/Zf0weeDNxyt:Y09/z6x8Kcw7SKBj8MNtLNxy

Malware Config

Targets

    • Registers COM server for autorun

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v6

Tasks