Overview

overview

8

Static

static

8d74e9e4f6...38.exe

windows7-x64

8

8d74e9e4f6...38.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    8d74e9e4f674da9bfad54dc475673dec35df31b57f1d8b5de08e9c252c8c3538

  • Size

    2.1MB

  • Sample

    221125-rlc9radc62

  • MD5

    e59eb18afc40e5dfd9ea3d8b86d4b59a

  • SHA1

    0aa2b60104c9efedcaebde15f732abf7030f84bf

  • SHA256

    8d74e9e4f674da9bfad54dc475673dec35df31b57f1d8b5de08e9c252c8c3538

  • SHA512

    af1f65495d7d0754582d30f5091d7724bd122423f91e102db5de24d0fa5369d008363956fd19d4dff5aaf161018c56c18e21e3b75c7986708aa28f7485655c63

  • SSDEEP

    49152:h1Os5yuyoY0IKAVWQrQSM5eeHY1h2PlSUQ8Pcin:h1OsgoP9oM5LFv

Score
8/10
adwarediscoveryspywarestealer

Malware Config

Targets

    • Target

      8d74e9e4f674da9bfad54dc475673dec35df31b57f1d8b5de08e9c252c8c3538

    • Size

      2.1MB

    • MD5

      e59eb18afc40e5dfd9ea3d8b86d4b59a

    • SHA1

      0aa2b60104c9efedcaebde15f732abf7030f84bf

    • SHA256

      8d74e9e4f674da9bfad54dc475673dec35df31b57f1d8b5de08e9c252c8c3538

    • SHA512

      af1f65495d7d0754582d30f5091d7724bd122423f91e102db5de24d0fa5369d008363956fd19d4dff5aaf161018c56c18e21e3b75c7986708aa28f7485655c63

    • SSDEEP

      49152:h1Os5yuyoY0IKAVWQrQSM5eeHY1h2PlSUQ8Pcin:h1OsgoP9oM5LFv

    Score
    8/10
    adwarediscoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Drops Chrome extension

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks