Overview

overview

8

Static

static

f9f2bd2251...79.exe

windows7-x64

8

f9f2bd2251...79.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f9f2bd2251695de76cf3b4eae7b4489d7fe2f3f2bc9199a89cab2b0a05bdb879

  • Size

    2.5MB

  • Sample

    221124-t58wwaff72

  • MD5

    d6b826bf9c31ce5f72cc231761fcd315

  • SHA1

    846b3fd6bf67763d9c4605e3cc847312fe7cfcca

  • SHA256

    f9f2bd2251695de76cf3b4eae7b4489d7fe2f3f2bc9199a89cab2b0a05bdb879

  • SHA512

    325f4b8cc12117a5d8a3c9e85fa6dc00d602de5caf9a18fd27cdb608d3ec9a803010017707c31d8b6dd85399aee2e10b873b2021b932e423e961ecf60eafec90

  • SSDEEP

    49152:h1OsQ+QK3xQpjajXKioFMpYphqd3ArqvFUmEaDxEAxh4UR9TEd:h1OWQCjbKioVg3ArKh40U

Score
8/10
adwarediscoveryspywarestealer

Malware Config

Targets

    • Target

      f9f2bd2251695de76cf3b4eae7b4489d7fe2f3f2bc9199a89cab2b0a05bdb879

    • Size

      2.5MB

    • MD5

      d6b826bf9c31ce5f72cc231761fcd315

    • SHA1

      846b3fd6bf67763d9c4605e3cc847312fe7cfcca

    • SHA256

      f9f2bd2251695de76cf3b4eae7b4489d7fe2f3f2bc9199a89cab2b0a05bdb879

    • SHA512

      325f4b8cc12117a5d8a3c9e85fa6dc00d602de5caf9a18fd27cdb608d3ec9a803010017707c31d8b6dd85399aee2e10b873b2021b932e423e961ecf60eafec90

    • SSDEEP

      49152:h1OsQ+QK3xQpjajXKioFMpYphqd3ArqvFUmEaDxEAxh4UR9TEd:h1OWQCjbKioVg3ArKh40U

    Score
    8/10
    adwarediscoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks