f583134252923916f89136c36ec9358b8c99c9a539aa9fab4eb45806613a6c43 | Triage

Submit
Reports

Overview

overview

8

Static

static

1

jre-8u371-...64.exe

windows10-2004-x64

8

Sharing

General

Target

jre-8u371-windows-x64.exe
Size

62.6MB
Sample

230616-z5fszsgd5x
MD5

4f08b3e895659d64115e7169aeb84c46
SHA1

8e0e31e6323d19439f038ee637f34ef6478d7d72
SHA256

f583134252923916f89136c36ec9358b8c99c9a539aa9fab4eb45806613a6c43
SHA512

2a089b874a6ce473d0f357c2c0811c7bc7dc74622eaf238cb7219bd45a11af2117069f803e628dfcca24a4586cbc03ab6363eea9cfb39477360e142e208a5821
SSDEEP

1572864:zJ5hH40sC6SwwbJTD6Dq+d5CpU4VWZ7Mwg+Dzg1d:zNcrSwH2+YpU4s7MZ+Q1d

Score

8^/10

adware persistence stealer

Static task

static1

Behavioral task

behavioral1

Sample

jre-8u371-windows-x64.exe

Resource

win10v2004-20230220-en

adware persistence stealer

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  jre-8u371-windows-x64.exe
- Size
  
  62.6MB
- MD5
  
  4f08b3e895659d64115e7169aeb84c46
- SHA1
  
  8e0e31e6323d19439f038ee637f34ef6478d7d72
- SHA256
  
  f583134252923916f89136c36ec9358b8c99c9a539aa9fab4eb45806613a6c43
- SHA512
  
  2a089b874a6ce473d0f357c2c0811c7bc7dc74622eaf238cb7219bd45a11af2117069f803e628dfcca24a4586cbc03ab6363eea9cfb39477360e142e208a5821
- SSDEEP
  
  1572864:zJ5hH40sC6SwwbJTD6Dq+d5CpU4VWZ7Mwg+Dzg1d:zNcrSwH2+YpU4s7MZ+Q1d
Score

8^/10

adware persistence stealer
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Browser Extensions

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarepersistencestealer

© 2018-2024

Terms | Privacy