275fbc972146975eef19a5da49ec92fe57487813db04d7abd96202bb9550ca1f | Triage

Submit
Reports

Overview

overview

8

Static

static

275fbc9721...1f.exe

windows7-x64

8

275fbc9721...1f.exe

windows10-2004-x64

8

Sharing

General

Target

275fbc972146975eef19a5da49ec92fe57487813db04d7abd96202bb9550ca1f
Size

4.3MB
Sample

221125-d7y7fshe59
MD5

d53253871a504fc32bb0f84395c8df4b
SHA1

b2a06db651a28935dc0ecdc4670c084d447a023c
SHA256

275fbc972146975eef19a5da49ec92fe57487813db04d7abd96202bb9550ca1f
SHA512

d18fd51b9d569f4da6fd913ce189c92ab749a7f1a6a0026364b1dc4f86556cad691834ffc6d2c6bae31c988806f8a54d9a0fc47e4888af9b59f29d077dc8dc06
SSDEEP

49152:MUuKYWYG/n0JOKLmxup4adGKvghxfki1tOCrZguQpZ8hpTQdNP:5jYGcAKYKcSWZg7ZspsdN

Score

8^/10

adware discovery persistence stealer

Static task

static1

Behavioral task

behavioral1

Sample

275fbc972146975eef19a5da49ec92fe57487813db04d7abd96202bb9550ca1f.exe

Resource

win7-20221111-en

adware discovery persistence stealer

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

275fbc972146975eef19a5da49ec92fe57487813db04d7abd96202bb9550ca1f.exe

Resource

win10v2004-20221111-en

adware discovery persistence stealer

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  275fbc972146975eef19a5da49ec92fe57487813db04d7abd96202bb9550ca1f
- Size
  
  4.3MB
- MD5
  
  d53253871a504fc32bb0f84395c8df4b
- SHA1
  
  b2a06db651a28935dc0ecdc4670c084d447a023c
- SHA256
  
  275fbc972146975eef19a5da49ec92fe57487813db04d7abd96202bb9550ca1f
- SHA512
  
  d18fd51b9d569f4da6fd913ce189c92ab749a7f1a6a0026364b1dc4f86556cad691834ffc6d2c6bae31c988806f8a54d9a0fc47e4888af9b59f29d077dc8dc06
- SSDEEP
  
  49152:MUuKYWYG/n0JOKLmxup4adGKvghxfki1tOCrZguQpZ8hpTQdNP:5jYGcAKYKcSWZg7ZspsdN
Score

8^/10

adware discovery persistence stealer
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

behavioral2

adwarediscoverypersistencestealer

© 2018-2024

Terms | Privacy