General

  • Target

    29aecba6cf15b9b30464fc1d82742c390636270597b01dfd11af0a0ddf504d40

  • Size

    4.4MB

  • Sample

    221125-d3zx7ahc24

  • MD5

    1cecded75af6bef115fcdbbd0f7621e6

  • SHA1

    5929a71abc05a2d171f2165ea71ceb7a58e9e5b5

  • SHA256

    29aecba6cf15b9b30464fc1d82742c390636270597b01dfd11af0a0ddf504d40

  • SHA512

    40fefe55576369761f5022322d875a23cf8d148cfffd184d3e67cef1107bd80cc610bce96175de81d1e94657652b998237b61c791cbe0498dc1cbcf953930aa1

  • SSDEEP

    98304:yfcnIHqCikpthCzP5ebuOBqF/j8MNtLNxw:4cDP5SMw

Targets

    • Registers COM server for autorun

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar sensitive data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.
