General

  • Target

    27412da38fde9ef39250693ad281dbb222b83a032322460fe3f0144ee80b0d63

  • Size

    244KB

  • Sample

    221124-l66h5saf7z

  • MD5

    17c90fb4c2d6c8503a52212d68740319

  • SHA1

    fe8483c33b14ca013da36afdc1278ac220b8bd3d

  • SHA256

    27412da38fde9ef39250693ad281dbb222b83a032322460fe3f0144ee80b0d63

  • SHA512

    c978c6303a89125723aeb2cadcbeb945ed1f7341bb956f231f6c3104c02f4aa68a61041a59ee800edcea1623bf8b76bd6e84f6e987749462ab43ef0cc07af74a

  • SSDEEP

    6144:1ND+xKDtDAr6GBzeS5bzQiOTn+fD3sUGMBjMu:KxCDAm0eS5bzQiOTn+fD39Bj

Malware Config

Targets

    • Target

      27412da38fde9ef39250693ad281dbb222b83a032322460fe3f0144ee80b0d63

    • Size

      244KB

    • MD5

      17c90fb4c2d6c8503a52212d68740319

    • SHA1

      fe8483c33b14ca013da36afdc1278ac220b8bd3d

    • SHA256

      27412da38fde9ef39250693ad281dbb222b83a032322460fe3f0144ee80b0d63

    • SHA512

      c978c6303a89125723aeb2cadcbeb945ed1f7341bb956f231f6c3104c02f4aa68a61041a59ee800edcea1623bf8b76bd6e84f6e987749462ab43ef0cc07af74a

    • SSDEEP

      6144:1ND+xKDtDAr6GBzeS5bzQiOTn+fD3sUGMBjMu:KxCDAm0eS5bzQiOTn+fD39Bj

    • UAC bypass

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Loads dropped DLL

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

    • Checks whether UAC is enabled

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that Internet Explorer loads as plugins at start-up.
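The "Checks whether UAC is enabled", "Checks computer location settings" and "Installs/modifies Browser Helper Object" signatures all correspond to registry artefacts that can be inspected on a suspect host. The following read-only triage script is an added example for this page, not output of the sandbox or code from the sample; the registry paths are the standard Windows locations for UAC policy, the user's geographic location (GeoID) and BHO registration, and resolving each BHO CLSID through its InProcServer32 key shows which DLL Internet Explorer would actually load. Run it in an elevated PowerShell on the machine under investigation.

```powershell
# Added example (not part of the sandbox report): read-only host triage for the
# registry artefacts behind the UAC, geolocation and BHO signatures.

function Get-UacState {
    # EnableLUA = 0 means UAC is disabled entirely; ConsentPromptBehaviorAdmin = 0
    # means administrators are elevated silently, which is what UAC-bypass tooling wants.
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $p = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
    [pscustomobject]@{
        EnableLUA                  = $p.EnableLUA
        ConsentPromptBehaviorAdmin = $p.ConsentPromptBehaviorAdmin
        PromptOnSecureDesktop      = $p.PromptOnSecureDesktop
    }
}

function Get-GeoSettings {
    # The values a geofencing check typically reads: Nation is the Windows GeoID of
    # the configured country (Name, where present, is the ISO country code);
    # sCountry and LocaleName come from the user's regional settings.
    $geo  = Get-ItemProperty -Path 'HKCU:\Control Panel\International\Geo' -ErrorAction SilentlyContinue
    $intl = Get-ItemProperty -Path 'HKCU:\Control Panel\International' -ErrorAction SilentlyContinue
    [pscustomobject]@{
        GeoNation  = $geo.Nation
        GeoName    = $geo.Name
        sCountry   = $intl.sCountry
        LocaleName = $intl.LocaleName
    }
}

function Get-InstalledBho {
    # Every subkey under "Browser Helper Objects" is a CLSID. Resolve it through the
    # COM InProcServer32 registration to find the DLL, then check its signature.
    $bhoKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects'
    )
    $clsidRoots = @(
        'HKLM:\SOFTWARE\Classes\CLSID',
        'HKLM:\SOFTWARE\Classes\WOW6432Node\CLSID',
        'HKCU:\SOFTWARE\Classes\CLSID'
    )
    foreach ($bhoKey in $bhoKeys) {
        if (-not (Test-Path $bhoKey)) { continue }
        foreach ($sub in Get-ChildItem -Path $bhoKey) {
            $clsid = $sub.PSChildName
            $dll = $null
            foreach ($root in $clsidRoots) {
                $srv = Get-ItemProperty -Path "$root\$clsid\InProcServer32" -ErrorAction SilentlyContinue
                if ($srv) { $dll = $srv.'(default)'; break }
            }
            $sig = if ($dll -and (Test-Path $dll)) { (Get-AuthenticodeSignature -FilePath $dll).Status } else { 'dll missing' }
            [pscustomobject]@{
                Source    = $bhoKey
                CLSID     = $clsid
                Dll       = $dll
                Signature = $sig
            }
        }
    }
}

'== UAC policy ==';            Get-UacState     | Format-List
'== Location settings ==';     Get-GeoSettings  | Format-List
'== Browser Helper Objects =='; Get-InstalledBho | Format-Table -AutoSize
```

A BHO whose DLL sits in a user-writable directory (for example under %APPDATA% or %TEMP%), is unsigned, or was registered at about the time the sample ran is the entry to pull for analysis; a legitimate BHO from installed software normally resolves to a signed DLL under Program Files.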
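The "Reads data files stored by FTP clients" signature matters because FileZilla keeps its saved sites in %APPDATA%\FileZilla\sitemanager.xml (and recent connections in recentservers.xml), and unless the user has enabled a master password the stored passwords are only base64-encoded, so any process running as the user can recover them. The script below is an added example for this page, not code from the sample or from FileZilla: the site-manager document embedded in it is constructed for the example (hostnames under .test, made-up users) following FileZilla's XML layout, and the parser shows exactly what a stealer obtains from that file.

```powershell
# Added example (not part of the sandbox report): recover what a credential stealer
# gets from FileZilla's sitemanager.xml. The XML below is a constructed sample that
# follows FileZilla's format; it is not from any real host.

$SampleSiteManager = @'
<?xml version="1.0" encoding="UTF-8"?>
<FileZilla3 version="3.60.1" platform="windows">
  <Servers>
    <Server>
      <Host>ftp.example.test</Host>
      <Port>21</Port>
      <Protocol>0</Protocol>
      <Type>0</Type>
      <User>webadmin</User>
      <Pass encoding="base64">cGFzc3dvcmQxMjM=</Pass>
      <Logontype>1</Logontype>
      <Name>Production web root</Name>
    </Server>
    <Server>
      <Host>sftp.example.test</Host>
      <Port>22</Port>
      <Protocol>1</Protocol>
      <Type>0</Type>
      <User>deploy</User>
      <Logontype>5</Logontype>
      <Name>Deploy (key auth, no stored password)</Name>
    </Server>
  </Servers>
</FileZilla3>
'@

function Get-FileZillaCredential {
    param(
        [Parameter(Mandatory)][xml]$Document
    )
    foreach ($s in $Document.SelectNodes('//Server')) {
        # Child elements are read with SelectSingleNode because XmlElement already
        # exposes properties such as .Name that would shadow the <Name> element.
        $text = { param($n) $node = $s.SelectSingleNode($n); if ($node) { $node.InnerText } }
        $pass = $s.SelectSingleNode('Pass')
        $plain = if ($pass -and $pass.GetAttribute('encoding') -eq 'base64') {
            # base64 is an encoding, not encryption: this is the cleartext password
            [Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($pass.InnerText))
        } elseif ($pass) {
            $pass.InnerText   # very old FileZilla versions stored passwords as plain text
        } else {
            $null             # no Pass element: key-based or interactive logon
        }
        [pscustomobject]@{
            Name     = & $text 'Name'
            Host     = & $text 'Host'
            Port     = [int](& $text 'Port')
            User     = & $text 'User'
            Password = $plain
        }
    }
}

# Parse the real file if this host has one, otherwise the constructed sample.
$path = Join-Path $env:APPDATA 'FileZilla\sitemanager.xml'
$doc = if (Test-Path $path) { [xml](Get-Content -Raw -Path $path) } else { [xml]$SampleSiteManager }
Get-FileZillaCredential -Document $doc | Format-Table -AutoSize
```

For incident response the practical consequence is that every site listed in sitemanager.xml and recentservers.xml on an infected host should be treated as having its credentials exposed and rotated; enabling FileZilla's master password (which encrypts the stored passwords) removes the easy win for this class of stealer.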

MITRE ATT&CK Enterprise v6

Tasks