General

  • Target

    Advanced-System-Repair-Pro-RepairTool.W.exe

  • Size

    16.0MB

  • Sample

    230525-agtmhafg8v

  • MD5

    22cf12c3c2cabc052f97dd29651d9532

  • SHA1

    116345eadd9228e6421aa4a677990f8df6a6a15b

  • SHA256

    48afdbbabd11a73c88d648cf8941ba4d2e43f82838f11ab0f2498202beb25dfe

  • SHA512

    b8da3214055a8b74b29374c5a65e7fc42e0e6695c89521c72a6a71f3a3a5050e740217cf2f404833fa6278b485f3ae3600c25768bb82739f1f906a940dc09fc4

  • SSDEEP

    393216:+pWe6UQOEEeNscNcmGDfiDSFjau/W/zmTfuLms:oWeZbeNvXBeFeeW/V
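
The hash block above is what an analyst uses to confirm that a file in hand is the same sample. The following script is an added example, not part of this report or of the sandbox's tooling: it computes MD5, SHA1, SHA256 and SHA512 in one streaming pass and lists any digests that disagree with the values reported here, and it sanity-checks the reported SSDEEP string against the reported size. The block-size logic follows the reference libfuzzy behaviour (start at 3, double until blocksize * 64 covers the input, step down by halves only when the first chunk comes out shorter than 32 characters), so it is an approximate consistency check, not a recomputation of the fuzzy hash. The page shows the size as "16.0MB" without saying whether that is MB or MiB; both readings give the same initial block size for this sample. The file path is yours to supply.

```python
import hashlib
import io
import re
import sys

# Digests as reported on this page for Advanced-System-Repair-Pro-RepairTool.W.exe.
REPORTED = {
    "md5": "22cf12c3c2cabc052f97dd29651d9532",
    "sha1": "116345eadd9228e6421aa4a677990f8df6a6a15b",
    "sha256": "48afdbbabd11a73c88d648cf8941ba4d2e43f82838f11ab0f2498202beb25dfe",
    "sha512": "b8da3214055a8b74b29374c5a65e7fc42e0e6695c89521c72a6a71f3a3a5050e"
              "740217cf2f404833fa6278b485f3ae3600c25768bb82739f1f906a940dc09fc4",
}
REPORTED_SSDEEP = "393216:+pWe6UQOEEeNscNcmGDfiDSFjau/W/zmTfuLms:oWeZbeNvXBeFeeW/V"

# ssdeep (spamsum) constants: 64-character digest, minimum block size 3.
SPAMSUM_LENGTH = 64
MIN_BLOCKSIZE = 3
SSDEEP_ALPHABET = re.compile(r"^[A-Za-z0-9+/]*$")


def digest_stream(fobj, chunk_size=1 << 20):
    """One pass over a file-like object, feeding every chunk to all four digests."""
    hashers = {name: hashlib.new(name) for name in REPORTED}
    size = 0
    while True:
        buf = fobj.read(chunk_size)
        if not buf:
            break
        size += len(buf)
        for h in hashers.values():
            h.update(buf)
    return size, {name: h.hexdigest() for name, h in hashers.items()}


def digest_bytes(data, chunk_size=1 << 20):
    """Same as digest_stream, over an in-memory byte string."""
    return digest_stream(io.BytesIO(data), chunk_size)


def mismatches(actual, expected=REPORTED):
    """Names of digests whose computed value disagrees with the reported one."""
    return sorted(n for n in expected if actual.get(n, "").lower() != expected[n].lower())


def parse_ssdeep(text):
    """Split 'blocksize:chunk1:chunk2', checking alphabet and length limits."""
    bs, h1, h2 = text.split(":")
    if not (SSDEEP_ALPHABET.match(h1) and SSDEEP_ALPHABET.match(h2)):
        raise ValueError("ssdeep chunks must use the base64 alphabet")
    if len(h1) > SPAMSUM_LENGTH or len(h2) > SPAMSUM_LENGTH // 2:
        raise ValueError("ssdeep chunk longer than the algorithm allows")
    return int(bs), h1, h2


def initial_blocksize(size_bytes):
    """ssdeep starts at 3 and doubles until blocksize * 64 covers the input."""
    bs = MIN_BLOCKSIZE
    while bs * SPAMSUM_LENGTH < size_bytes:
        bs *= 2
    return bs


def ssdeep_consistent(text, size_bytes):
    """True if the reported block size could have been produced for this size.

    libfuzzy may step the initial block size down by halves when the first
    chunk is shorter than 32 characters, but never up; so the reported value
    must be the initial estimate divided by a power of two, and a block size
    above the minimum must come with a first chunk of at least 32 characters.
    """
    bs, h1, _ = parse_ssdeep(text)
    init = initial_blocksize(size_bytes)
    if bs > init or init % bs:
        return False
    ratio = init // bs
    if ratio & (ratio - 1):  # not a power of two
        return False
    if bs > MIN_BLOCKSIZE and len(h1) < SPAMSUM_LENGTH // 2:
        return False
    return True


if __name__ == "__main__":
    # Usage: python check_sample.py <path-to-file>  (path supplied by you)
    with open(sys.argv[1], "rb") as f:
        size, digests = digest_stream(f)
    print("size:", size, "bytes; mismatching digests:", mismatches(digests) or "none")
    print("ssdeep block size consistent with size:", ssdeep_consistent(REPORTED_SSDEEP, size))
```

Handle the sample in a sandboxed directory only; the script never executes the file, it only reads it. A mismatch in any one digest means you are holding a different file, regardless of how the other three compare.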

Malware Config

Targets

    • Target

      Advanced-System-Repair-Pro-RepairTool.W.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely to geofence execution.

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks system information in the registry

      System information is often read to detect sandbox environments.

    • Drops file in System32 directory
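
The signatures above are derived from the sandbox's API trace, not from anything the file declares about itself, and most of them cannot be reproduced from Sysmon, which does not log registry reads. The following is an added example, not the sandbox vendor's rule logic and not code from this report: it replays a constructed API-call trace in the shape a hook logger might emit and maps events to the six signature names listed above. The registry keys and file paths each rule keys on (Geo\Nation for the country code, the CurrentVersion\Uninstall key, the HARDWARE\DESCRIPTION\System hive, Chrome's Login Data and Firefox's logins.json) are assumptions about plausible triggers. The "Executes dropped EXE" rule is stateful: it fires only when a process image was written earlier in the same trace.

```python
import re
from collections import namedtuple

# Constructed trace entries: (pid, api, argument). Not taken from the report.
Event = namedtuple("Event", "pid api arg")

TRACE = [
    Event(1184, "RegQueryValueExW", r"HKCU\Control Panel\International\Geo\Nation"),
    Event(1184, "RegEnumKeyExW", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall"),
    Event(1184, "RegQueryValueExW", r"HKLM\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer"),
    Event(1184, "NtWriteFile", r"C:\Windows\System32\example.dll"),
    Event(1184, "NtWriteFile", r"C:\Users\user\AppData\Local\Temp\helper.exe"),
    Event(1184, "CreateProcessW", r"C:\Users\user\AppData\Local\Temp\helper.exe"),
    Event(1184, "NtReadFile", r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
]

# API families; names are the Win32/Nt calls a hook logger would record.
REG_APIS = re.compile(r"^(Reg|Nt)(Open|Query|Enum)", re.I)
WRITE_APIS = re.compile(r"^(NtWriteFile|WriteFile|CopyFile\w*|MoveFile\w*)$", re.I)
READ_APIS = re.compile(r"^(NtReadFile|ReadFile|NtCreateFile|CreateFileW?)$", re.I)
EXEC_APIS = re.compile(r"^(CreateProcess\w*|NtCreateUserProcess|ShellExecute\w*)$", re.I)

# Stateless rules: (signature name as on the page, API family, path pattern).
# Paths are assumed triggers, not the sandbox's actual rule definitions.
RULES = [
    ("Checks computer location settings", REG_APIS,
     re.compile(r"\\Control Panel\\International\\Geo\\Nation$", re.I)),
    ("Checks installed software on the system", REG_APIS,
     re.compile(r"\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.I)),
    ("Checks system information in the registry", REG_APIS,
     re.compile(r"\\(HARDWARE\\DESCRIPTION\\System|Control\\SystemInformation)(\\|$)", re.I)),
    ("Reads user/profile data of web browsers", READ_APIS,
     re.compile(r"\\(User Data\\[^\\]+\\(Login Data|Cookies|Web Data)"
                r"|Mozilla\\Firefox\\Profiles\\.*(logins\.json|key4\.db))$", re.I)),
    ("Drops file in System32 directory", WRITE_APIS,
     re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)),
]


def match_signatures(trace):
    """Return the sorted signature names triggered by a trace of Event tuples."""
    hits = set()
    dropped = set()  # paths written so far; the stateful rule consults this
    for ev in trace:
        for name, apis, path_re in RULES:
            if apis.match(ev.api) and path_re.search(ev.arg):
                hits.add(name)
        if WRITE_APIS.match(ev.api):
            dropped.add(ev.arg.lower())
        elif EXEC_APIS.match(ev.api) and ev.arg.lower() in dropped:
            hits.add("Executes dropped EXE")
    return sorted(hits)


if __name__ == "__main__":
    for name in match_signatures(TRACE):
        print(name)
```

Note what the rules do not tell you: a legitimate installer also enumerates the Uninstall key and writes under System32, so these signatures are behavioural context for an analyst, not a verdict. The geofence and sandbox-detection readings of the registry lookups are the report's interpretation and should be confirmed by looking at what the process does after the read.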

MITRE ATT&CK Enterprise v6

Tasks