General

  • Target

    04a47d3ff527137f9f69e5d6ef82aecf

  • Size

    170KB

  • Sample

    231224-tfbvvagchk

  • MD5

    04a47d3ff527137f9f69e5d6ef82aecf

  • SHA1

    b1f09d5fa2ac23d09560ee25be123bbc4766fc5e

  • SHA256

    cf26d109210faef7d11e7f953e33f4b822624f5c8550fdad723bb63ac915a4e8

  • SHA512

    eb76cfbbf9d5064cf57628226cd5f61a807c163ea2279bd78087863ff62813c7c6dae8799e0cff7a5e20cc5a770610747f8c819928f71a2bfef5a302a26177da

  • SSDEEP

    3072:rFbZKoyQ4KBI1Jm1ozz7nFXpVcU1qboubhq8j1icx3nhtn1R9J2tGt50QiQ:rPKjQb1uFjcUuoikO/x3hvJ2ktEQ

Targets

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that act as plugins for Internet Explorer.

    • Drops file in System32 directory
