Overview

overview

8

Static

static

7

LauncherFe...86.exe

windows7-x64

7

LauncherFe...86.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    LauncherFenix-Java-8u51-Windows-i586.exe

  • Size

    35.6MB

  • Sample

    230323-yz9nfahh64

  • MD5

    8f061e42a33d2017af3f0f7d5245d4eb

  • SHA1

    e0e42aaeedbb77a19809004a576496dcdcf99ed5

  • SHA256

    59b134a5e245582cf832732bca256a3c39b50d81ace3e2c6b37c71dfba99e077

  • SHA512

    41279f05588bda2627677402aa4e56af4eeb6c92c9804f8e5e092daa21868649ad29d64efe9059e150b29a01a8510e27781833c23d3e02d81323524d2971e1b6

  • SSDEEP

    786432:xAP94qj9fGRpAJkolSM03oq8D80oz96O4oUTXM6ioA+hxsQdmPEU5gCzL:xZqjIpANWY989zAoUOozuQd+xL

Score
8/10
adwarepersistencestealerupx

Malware Config

Targets

    • Target

      LauncherFenix-Java-8u51-Windows-i586.exe

    • Size

      35.6MB

    • MD5

      8f061e42a33d2017af3f0f7d5245d4eb

    • SHA1

      e0e42aaeedbb77a19809004a576496dcdcf99ed5

    • SHA256

      59b134a5e245582cf832732bca256a3c39b50d81ace3e2c6b37c71dfba99e077

    • SHA512

      41279f05588bda2627677402aa4e56af4eeb6c92c9804f8e5e092daa21868649ad29d64efe9059e150b29a01a8510e27781833c23d3e02d81323524d2971e1b6

    • SSDEEP

      786432:xAP94qj9fGRpAJkolSM03oq8D80oz96O4oUTXM6ioA+hxsQdmPEU5gCzL:xZqjIpANWY989zAoUOozuQd+xL

    Score
    8/10
    upxadwarepersistencestealer

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

2
T1060

Browser Extensions

1
T1176

Privilege Escalation

Defense Evasion

Modify Registry

4
T1112

Install Root Certificate

1
T1130

Credential Access

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks