4a02d610ab81e5a1861407c729775d15859b5c77e4e2894b230285b95155d020

General

Target

f705ac114767397fb5e7cd1603e70954.zip
Size

947KB
Sample

230403-aqpd5sdb6w
MD5

1c18bd70d7d2c482d09e4328ebad0ea6
SHA1

51f906d225df7bd9b85a4ed99f48c94ddb931428
SHA256

4a02d610ab81e5a1861407c729775d15859b5c77e4e2894b230285b95155d020
SHA512

26bb219939b8b48af66ede485eb522b2d22a094aa48c996ceda17244977b514a759250cdf627de6cb4eebb1bcff2ad9c868f2c710278b04974e1a83e66ce2c04
SSDEEP

24576:sv+KuewubKqd2AAC3tKwvQ54IlqysEQJURvytUzg0:sVuLpqkBCdtQmIIBHURP5

Score

10^/10

Malware Config

Targets

- Target
  
  config.reg
- Size
  
  16.4MB
- MD5
  
  f705ac114767397fb5e7cd1603e70954
- SHA1
  
  256eb7bc8eb06baf17dd9cb99d11a68caea0d8e9
- SHA256
  
  97d7fc21caf2e830076d8d880bdfe906fae5a4925e6c1012087b764a75989089
- SHA512
  
  b086bbd7b14e2cc60107aa8bfdf102fe0f7c81d2dab22937361362b52edd0ac33b3b841c25d0af84e36f7f6330d1bcf1a5ab17b3eac4076a37f1b46a26129999
- SSDEEP
  
  12288:7mo9FVn0sQZR9IOKHFqCAn0IEUhrDRB6G+tl5vwKMq7e41u:fKS3hlUhrDRB6G4wKMq2
Score

10^/10

adware evasion persistence stealer trojan
- Adds autorun key to be loaded by Explorer.exe on startup
  persistence
- UAC bypass
  evasion trojan
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Adds Run key to start application
  persistence
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1
- Target
  
  importantUpdate.bat
- Size
  
  1016B
- MD5
  
  bf16a6aec517b7ec9c5d6eb3f4c60824
- SHA1
  
  b8d09f82977f780289252d7ce1eae087389dec3d
- SHA256
  
  fc4de26ede0690dbc4ef4ed7ffcc28c086d5c8998f2cbe1e2c3c20516c7da2db
- SHA512
  
  eda82a101e38fad8b49bbaee708f7e81ebf62ed41d3172d34c97b71b415a2019fc87672cfc94479c3a7c28a24f8d5a9a89a395db869a906d4dfd42e6ed5feedd
Score

8^/10

persistence
- Creates new service(s)
  persistence
- Adds Run key to start application
  persistence
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral2