Overview

overview

8

Static

static

c0817f3dc8...96.exe

windows7-x64

8

c0817f3dc8...96.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c0817f3dc80d3f693f5d7280d30ed7f7fcf8087aee715982a1f9fc259b681896

  • Size

    2.5MB

  • Sample

    221124-yjd7laeg76

  • MD5

    1400928994f84ba4ba3a5b2b2c212b2c

  • SHA1

    10325cf989b6142dd1eb6653793e2b3ced2bd665

  • SHA256

    c0817f3dc80d3f693f5d7280d30ed7f7fcf8087aee715982a1f9fc259b681896

  • SHA512

    24b5aa7a38268465a7b6071904790e40c5bb8407f3eca467eeed0be545bc574962f1d1df7cfef032b308325e099ff23a1ebe21fe8f6311a40b13d7189f451cac

  • SSDEEP

    49152:h1OsoyDFXmj+BHBALGk7GNIgSDjjQkzYznJKOZaB/IsxY:h1Od0JSqALGkqaDj7Y

Score
8/10
adwarediscoveryspywarestealer

Malware Config

Targets

    • Target

      c0817f3dc80d3f693f5d7280d30ed7f7fcf8087aee715982a1f9fc259b681896

    • Size

      2.5MB

    • MD5

      1400928994f84ba4ba3a5b2b2c212b2c

    • SHA1

      10325cf989b6142dd1eb6653793e2b3ced2bd665

    • SHA256

      c0817f3dc80d3f693f5d7280d30ed7f7fcf8087aee715982a1f9fc259b681896

    • SHA512

      24b5aa7a38268465a7b6071904790e40c5bb8407f3eca467eeed0be545bc574962f1d1df7cfef032b308325e099ff23a1ebe21fe8f6311a40b13d7189f451cac

    • SSDEEP

      49152:h1OsoyDFXmj+BHBALGk7GNIgSDjjQkzYznJKOZaB/IsxY:h1Od0JSqALGkqaDj7Y

    Score
    8/10
    adwarediscoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks