General

  • Target: ap-file-unlocker1.9.2.exe--667738284.zip
  • Size: 1015KB
  • Sample: 231101-289lksfh77
  • MD5: a802479ae867195fe316b9331359cfd8
  • SHA1: 4240758894ea6bec00df454654ad2c40c7fc7367
  • SHA256: a2575f7366a5dac35d8849d59aef4fe344255ee4974dbc26658cff1633313067
  • SHA512: c1b57ef553fc6492fe39f3c28f5d9fcca1ddd148b5cc16066a0c21690c6550cb2d715095fc9b42fef12ba74b3eebf5e390da5549db3121733f0af06eae5dbafa
  • SSDEEP: 24576:G6HTljXU9brymjgPRhyZXSih9M+iiwT2zwtaQD/PzV+wItc5ASe9J:G6HTR0XymkP/aSi9iiwy0jUTtvLJ

Malware Config

Targets

    • Target: unlocker1.9.2.exe
    • Size: 1.0MB
    • MD5: 1e02d6aa4a199448719113ae3926afb2
    • SHA1: f1eff6451ced129c0e5c0a510955f234a01158a0
    • SHA256: fb6b1171776554a808c62f4045f5167603f70bf7611de64311ece0624b365397
    • SHA512: 7d0f1416beb8c141ee992fe594111042309690c00741dff8f9f31b4652ed6a96b57532780e3169391440076d7ace63966fab526a076adcdc7f7ab389b4d0ff98
    • SSDEEP: 24576:eLMeYSiGTpTLDxxwqQcqOj5eyHox6ZGmAuXE7ZBlbT:+PbVvwqQpoLHontDrlbT

    • Sets service image path in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks