General

  • Target

    ff8e87bf3a57fa1df81ccea8a6d3635e6c26a3c55fbd56b35c4a99346a78e768

  • Size

    2.5MB

  • Sample

    221124-tt29yseh92

  • MD5

    df5e358054318fa951e97e2c2b41a4c2

  • SHA1

    592d8f8bbe6a78e41146eb31959331ac9b2adba3

  • SHA256

    ff8e87bf3a57fa1df81ccea8a6d3635e6c26a3c55fbd56b35c4a99346a78e768

  • SHA512

    8884976e8261a695762fb86ef6ff403787e8d76e53f444b3993f9ffe4b5f535cbca37ea2dc67365ed3d3b8ff60c1203338f0a065c6057530c8206ced0eb6385e

  • SSDEEP

    49152:h1OsPGX0rN1lHAKkZ8t8Fh4t9h1bhCrpputi55SASf8HSbXBAm2:h1OZAV1boSVg

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

MITRE ATT&CK Enterprise v6

Tasks