Overview

overview

8

Static

static

3

04824b899a...94.exe

windows7-x64

8

04824b899a...94.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    04824b899ac4af741ed653c9d0a25594

  • Size

    415KB

  • Sample

    231224-tc28mafhem

  • MD5

    04824b899ac4af741ed653c9d0a25594

  • SHA1

    44bfc2403223cc782f5e52677a5dffcc5d61d6a7

  • SHA256

    73e1111fc0f035f2e2558233587da0638e34a2dbbe8406157a0d3554fe43b941

  • SHA512

    711895b2955daa45efb56bff27a05f108ed53b883dedf82d9aa53015f7f634eb350a647792162859487515cb878946199d609c6c525a06a9d6aa6653339ab904

  • SSDEEP

    12288:10HpbedwdXPPfMSxt6+sNgJfwrgLuxUqLX:10HpbedaPnhxIDyfwrCRqb

Score
8/10
adwarediscoverypersistencestealer

Malware Config

Targets

    • Target

      04824b899ac4af741ed653c9d0a25594

    • Size

      415KB

    • MD5

      04824b899ac4af741ed653c9d0a25594

    • SHA1

      44bfc2403223cc782f5e52677a5dffcc5d61d6a7

    • SHA256

      73e1111fc0f035f2e2558233587da0638e34a2dbbe8406157a0d3554fe43b941

    • SHA512

      711895b2955daa45efb56bff27a05f108ed53b883dedf82d9aa53015f7f634eb350a647792162859487515cb878946199d609c6c525a06a9d6aa6653339ab904

    • SSDEEP

      12288:10HpbedwdXPPfMSxt6+sNgJfwrgLuxUqLX:10HpbedaPnhxIDyfwrCRqb

    Score
    8/10
    adwarediscoverypersistencestealer

    • Sets DLL path for service in the registry

      persistence

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks