Resubmissions

13-07-2023 13:40

230713-qykc6ahg5x 7

13-07-2023 13:35

230713-qv4mmagh59 7

13-07-2023 13:31

230713-qsdcnagh49 7

General

  • Target

    advanced-systemcare-setup.exe

  • Size

    48.5MB

  • Sample

    230713-qv4mmagh59

  • MD5

    f14d068cfae207f898fb76eaf1367043

  • SHA1

    c3dbda0acaf1e5fd1a493d2dd1cc3da0c017f0bc

  • SHA256

    990034eea06c068b8384741d36fab9e53c7cf7de10e8531b915f34c1ed0c0885

  • SHA512

    544b9fecc1923d12ae027b48383fe4811b3684d7ddd797b2096b10a35fe9a1670d125110f4a2e77222bd6d434681af738cc519be326bfcc551e3fd141a27e663

  • SSDEEP

    786432:yK021ALYXrd2i5u5ySyYTcER34bgeIT10qcbVR5i7ecLrqF1O029nSeJ4z:9IKU0udTdIbgBqbiScLr0h29SNz

Malware Config

Targets

    • Target

      advanced-systemcare-setup.exe

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other profile information.

    • Adds Run key to start application

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks