Overview

overview

8

Static

static

7

tmp.exe

windows7-x64

8

tmp.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp

  • Size

    375KB

  • Sample

    230624-gdg8mabc8y

  • MD5

    04b346cab54c682b9091b173b1dfbd38

  • SHA1

    3fcc2279403de376d554f691090c1670c6ce6087

  • SHA256

    a3ec4bd1ce1bfe598872aac1c8a4a8db281003f4ac99e43e20d19ce49fd7ca69

  • SHA512

    f09e75514f1a4fa52d433b091510c68a7ecb4a1f976874ca07b0a7d239984dd4a604d928d5fc62c08b8cce3404bc4b615de8bc61c13675e32946ac8425d8881f

  • SSDEEP

    6144:xaxd9NJrrnTlSq5HdBu/FHhU+Cg9ddMU9ld/zzwoh/rRo4ycXbONDe/X65:sxBJnTlSq5Hn80qDdM2TXJruHki1e/X

Score
8/10
adwareaspackv2stealer

Malware Config

Targets

    • Target

      tmp

    • Size

      375KB

    • MD5

      04b346cab54c682b9091b173b1dfbd38

    • SHA1

      3fcc2279403de376d554f691090c1670c6ce6087

    • SHA256

      a3ec4bd1ce1bfe598872aac1c8a4a8db281003f4ac99e43e20d19ce49fd7ca69

    • SHA512

      f09e75514f1a4fa52d433b091510c68a7ecb4a1f976874ca07b0a7d239984dd4a604d928d5fc62c08b8cce3404bc4b615de8bc61c13675e32946ac8425d8881f

    • SSDEEP

      6144:xaxd9NJrrnTlSq5HdBu/FHhU+Cg9ddMU9ld/zzwoh/rRo4ycXbONDe/X65:sxBJnTlSq5Hn80qDdM2TXJruHki1e/X

    Score
    8/10
    adwarestealer

    • Downloads MZ/PE file

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Browser Extensions

1
T1176

Privilege Escalation

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks