General

  • Target: 35b0bb9da9c3b811da7f1c670c8ebdbb519c37e81b7d5ade15b25b2ac433df17

  • Size: 4.4MB

  • Sample: 221125-deqdvafg34

  • MD5: 242a5be64348fd51d66b3c5ef513bfad

  • SHA1: 7d3f53af027b3ec2e89f0b788ea6ffe030b7d6a2

  • SHA256: 35b0bb9da9c3b811da7f1c670c8ebdbb519c37e81b7d5ade15b25b2ac433df17

  • SHA512: 5c1e91cd7ca7b90583623e6b436f7a1bb7fbaf89ad869a51a9d94bf1c94a05931d00bc2afda20e9dadc55b622bd1d0aae9707b4b88a5cf6b90f62c2db996ce34

  • SSDEEP: 49152:lD8Ut7O8fe2mchdUxup4sdGKvghxfki1Ic7SKPjSlM/Zf0weeDNxdG:LhO8hxhCKcD7SKPj8MNtLNxd

Targets

    • Registers COM server for autorun

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
