General

  • Target

    JavaSetup8u361.exe

  • Size

    2.2MB

  • Sample

    230317-2v4s6scd3y

  • MD5

    d3809baddaf7b1e7d94484160043328b

  • SHA1

    e1979f5248d3b20858b11386ce22b1ccb0a9bfb5

  • SHA256

    e28f198ca200445ab45dd4e94d49993ad1a9a21548908ca9c09ade6419c2e079

  • SHA512

    96350ef6c81a1bc7d3c6b29c2a66ffaa1cf4f86172d3f52d39bcbf3886da41208b75cfe16bbf4ea23e04b2e0616637083eeacdefb8c0edc3ce6d0f2f89f881c6

  • SSDEEP

    49152:OOt2ad8mKKue2/8cTs0HFTPO86O3jUfkptVx41inlc8z+o2:OOt2yMT/8cTs09RjUu54Ai

Score
7/10

Malware Config

Targets

    • Target

      JavaSetup8u361.exe

    • Executes dropped EXE

    • Loads dropped DLL

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Matrix ATT&CK v6

Persistence

  • T1176 Browser Extensions (1)

Defense Evasion

  • T1112 Modify Registry (3)

  • T1130 Install Root Certificate (1)

Discovery

  • T1012 Query Registry (2)

  • T1120 Peripheral Device Discovery (1)

  • T1082 System Information Discovery (3)

Tasks