f9b5b953d2332478caff35d6f4503c44d857ea5fefd80a3be3d2af41e1d9df82 | Triage

Submit
Reports

Overview

overview

Static

static

1

5d96bb8766...11.exe

windows7-x64

5d96bb8766...11.exe

windows10-2004-x64

Sharing

General

Target

5d96bb8766343c2cfd9e3fafb8abd811
Size

1.3MB
Sample

230329-jpvn7sfd24
MD5

5d96bb8766343c2cfd9e3fafb8abd811
SHA1

9c004c5fbbbaac95c24e1dc03ba036869e295bf7
SHA256

f9b5b953d2332478caff35d6f4503c44d857ea5fefd80a3be3d2af41e1d9df82
SHA512

0ceb068065c77c200aa32b6deff4af1ddea34c9783eb03a116af197576dda4d61127a4e41dc0527e32e43de492771aa651adf971cb0ea0356f32b78e824979f7
SSDEEP

24576:UHrzYhkMmg95wf0/7Xqu/l2AcyezF2jammpFOFbGe8utDcG5oDHWOJv15:8ckO95wfW24Rexy3mpgFbGfutUzvb

Score

10^/10

adware evasion persistence trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5d96bb8766343c2cfd9e3fafb8abd811.exe

Resource

win7-20230220-en

adware evasion persistence trojan

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

5d96bb8766343c2cfd9e3fafb8abd811.exe

Resource

win10v2004-20230220-en

adware evasion persistence trojan

windows10-2004-x64

22 signatures

150 seconds

Malware Config

Targets

- Target
  
  5d96bb8766343c2cfd9e3fafb8abd811
- Size
  
  1.3MB
- MD5
  
  5d96bb8766343c2cfd9e3fafb8abd811
- SHA1
  
  9c004c5fbbbaac95c24e1dc03ba036869e295bf7
- SHA256
  
  f9b5b953d2332478caff35d6f4503c44d857ea5fefd80a3be3d2af41e1d9df82
- SHA512
  
  0ceb068065c77c200aa32b6deff4af1ddea34c9783eb03a116af197576dda4d61127a4e41dc0527e32e43de492771aa651adf971cb0ea0356f32b78e824979f7
- SSDEEP
  
  24576:UHrzYhkMmg95wf0/7Xqu/l2AcyezF2jammpFOFbGe8utDcG5oDHWOJv15:8ckO95wfW24Rexy3mpgFbGfutUzvb
Score

10^/10

adware evasion persistence trojan
- UAC bypass
  evasion trojan
- Allows Chrome notifications for new domains
  adware
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

adwareevasionpersistencetrojan

behavioral2

adwareevasionpersistencetrojan

© 2018-2024

Terms | Privacy