General

  • Target

    6ce5afac5ba2fe2015d5bf0e3d8c9f93

  • Size

    253KB

  • Sample

    231226-n7gyaagehm

  • MD5

    6ce5afac5ba2fe2015d5bf0e3d8c9f93

  • SHA1

    885c8b2a08cc32ed2943928f9cbbe481d71b0d82

  • SHA256

    44ee1342f0017083995ffaff831d09e459932a0a3c911c06e62a68ffe84db884

  • SHA512

    7657d60299f2e6d71dd9040df8422f3aa854b3abe090129bea7d8040e9ae3683342b06e679c90815591fafcfca943f0df223cc8b50064a07721eadefd1d59abc

  • SSDEEP

    6144:SY94Narf098CKA+PwBy6cSz0fg/mOqKqhrIMu/3:R9OaT0981Jl1fgOdKQg3

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry; likely a geofencing check.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks