Overview

overview

8

Static

static

2af38495f1...da.exe

windows7-x64

8

2af38495f1...da.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2af38495f1ce1aaf686fc2ca517c637b3ab281eaaafa5254cfcb6e04094c65da

  • Size

    2.1MB

  • Sample

    221125-2degysbe49

  • MD5

    b6a2c724e0280a757db20fa6adbc557c

  • SHA1

    cc428b67b293d9d917468705d3d72e14c25bc42f

  • SHA256

    2af38495f1ce1aaf686fc2ca517c637b3ab281eaaafa5254cfcb6e04094c65da

  • SHA512

    9422ce63d5eb9dee04df6635045d14f7c9a4a2928edd54c327c489fb3f330c22d9620aae401735623bf5715551a277a266dddb9790d520cc072c870e1e1221aa

  • SSDEEP

    49152:h1Os7yuyoY0IKAVWQrQSM5eeHY1h2PlSUQ8Pcih:h1OqgoP9oM5LFJ

Score
8/10
adwarediscoveryspywarestealer

Malware Config

Targets

    • Target

      2af38495f1ce1aaf686fc2ca517c637b3ab281eaaafa5254cfcb6e04094c65da

    • Size

      2.1MB

    • MD5

      b6a2c724e0280a757db20fa6adbc557c

    • SHA1

      cc428b67b293d9d917468705d3d72e14c25bc42f

    • SHA256

      2af38495f1ce1aaf686fc2ca517c637b3ab281eaaafa5254cfcb6e04094c65da

    • SHA512

      9422ce63d5eb9dee04df6635045d14f7c9a4a2928edd54c327c489fb3f330c22d9620aae401735623bf5715551a277a266dddb9790d520cc072c870e1e1221aa

    • SSDEEP

      49152:h1Os7yuyoY0IKAVWQrQSM5eeHY1h2PlSUQ8Pcih:h1OqgoP9oM5LFJ

    Score
    8/10
    adwarediscoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks