bf571354df45e7d537e4b217c70f03bd0ec908f24c40293539544e703332ee0f

Analysis

max time kernel
46s
max time network
51s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
29-11-2022 11:21

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

bf571354df45e7d537e4b217c70f03bd0ec908f24c40293539544e703332ee0f.exe
Size

430KB
MD5

2fa65401a8a3b65395acf1ef06b8fa64
SHA1

a02b778cf0f9265a53d4efeaa05e19dca1a636c2
SHA256

bf571354df45e7d537e4b217c70f03bd0ec908f24c40293539544e703332ee0f
SHA512

e916b1a24490484f4102cdb10ebd5f80e2b2f8a41e7fe8cc818ef308488f97b7eb366699cec5a9f32c8ba46b5ad83e86931453ced777b8bd5547834ae715277a
SSDEEP

6144:LPV06p97gK7TZuPVTfyjthBqZp/k3n+oiDonxup9FHSoGsUBJRHkDXqjp+l:K6pt/TZieXBg/k3+ton8dGLBg+U

Score

6^/10

adware stealer

Malware Config

Signatures

Installs/modifies Browser Helper Object 2 TTPs 1 IoCs

BHOs are DLL modules which act as plugins for Internet Explorer.

stealer adware

Modify Registry

T1112

Browser Extensions

T1176

description	ioc	Process
Key created	\REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects	bf571354df45e7d537e4b217c70f03bd0ec908f24c40293539544e703332ee0f.exe

C:\Users\Admin\AppData\Local\Temp\bf571354df45e7d537e4b217c70f03bd0ec908f24c40293539544e703332ee0f.exe
"C:\Users\Admin\AppData\Local\Temp\bf571354df45e7d537e4b217c70f03bd0ec908f24c40293539544e703332ee0f.exe"
1⤵
- Installs/modifies Browser Helper Object
PID:1340

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

T1176

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1340-54-0x0000000074DE1000-0x0000000074DE3000-memory.dmp

Filesize
8KB

Download