874d85c33785868f3644d4bd6fe46df7a84629ba1e6ee693248d6012605fd56e | Triage

Submit
Reports

Overview

overview

8

Static

static

874d85c337...6e.exe

windows7-x64

8

874d85c337...6e.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

874d85c33785868f3644d4bd6fe46df7a84629ba1e6ee693248d6012605fd56e
Size

250KB
Sample

221202-bvssssea5y
MD5

b371778e0321911f77f1d17beb77f270
SHA1

85eadf87d0bec9ce2be31359b07c5f27fede1200
SHA256

874d85c33785868f3644d4bd6fe46df7a84629ba1e6ee693248d6012605fd56e
SHA512

b8cf79ca2144242ef1958b50231fa75ea024129cb844540e1f0cae0d7b269c70206eeda033f693f4d21e1037b30216ec838fe63b6b989f5e3507d671aa43fe2e
SSDEEP

6144:h1OgDPdkBAFZWjadD4s5+LOiH6rrjNmbRFeUBiF:h1OgLdaO+LLaXjQb7Y

Score

8^/10

adware discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

874d85c33785868f3644d4bd6fe46df7a84629ba1e6ee693248d6012605fd56e.exe

Resource

win7-20221111-en

adware discovery spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

874d85c33785868f3644d4bd6fe46df7a84629ba1e6ee693248d6012605fd56e.exe

Resource

win10v2004-20221111-en

adware discovery spyware stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  874d85c33785868f3644d4bd6fe46df7a84629ba1e6ee693248d6012605fd56e
- Size
  
  250KB
- MD5
  
  b371778e0321911f77f1d17beb77f270
- SHA1
  
  85eadf87d0bec9ce2be31359b07c5f27fede1200
- SHA256
  
  874d85c33785868f3644d4bd6fe46df7a84629ba1e6ee693248d6012605fd56e
- SHA512
  
  b8cf79ca2144242ef1958b50231fa75ea024129cb844540e1f0cae0d7b269c70206eeda033f693f4d21e1037b30216ec838fe63b6b989f5e3507d671aa43fe2e
- SSDEEP
  
  6144:h1OgDPdkBAFZWjadD4s5+LOiH6rrjNmbRFeUBiF:h1OgLdaO+LLaXjQb7Y
Score

8^/10

adware discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

adwarediscoveryspywarestealer

© 2018-2025

Terms | Privacy