General

  • Target

    21e94dccbdc122727f14d8b4c4902294

  • Size

    472KB

  • Sample

    231231-axtbnshfc8

  • MD5

    21e94dccbdc122727f14d8b4c4902294

  • SHA1

    078ab71a62e194fb70ff07397f340c8079c36420

  • SHA256

    45b9ce71c5eb6d04208767ea10c948deb47131227b53b2140e87ee6a1c0adef6

  • SHA512

    505678a666a4713b94e8f32b9a2444cbaed8c079886ce8a061a1961f815bb289c7813bebbc927f4e3c48efca67ed039c2da12004e7c3693045289f7e6753c30b

  • SSDEEP

    12288:oIx3n4BiTNvjrcyWHNauyasMoG+H5mgHBVcSj5/OAiroWUBF8:oIx3JNLrqNB7sMoG+H5m+Vj01oWUBF
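Before acting on a report like this, recompute the digests of the file you actually hold and compare them against the values listed above; a mismatch means you are looking at a different sample (a re-packed build, a truncated download, or a different stage) and none of the behaviour below is guaranteed to apply. The script below is an added example, not part of the sandbox report: the expected values are copied from the General section, while the "abc" test vectors and the sample bytes used in the self-check are constructed and will not match the real file. SSDEEP is left out because it needs the third-party `ssdeep` binding; the four cryptographic digests come from the standard library.

```python
"""Verify a local file's digests against the hashes published in a sandbox report.

Added example; not part of the original report. REPORT_HASHES are copied
from the report's General section. The sample bytes used in the self-check
are constructed and are not the real sample.
"""
import hashlib
from typing import Dict

# Digests copied verbatim from the report (hex, lowercase).
REPORT_HASHES: Dict[str, str] = {
    "md5": "21e94dccbdc122727f14d8b4c4902294",
    "sha1": "078ab71a62e194fb70ff07397f340c8079c36420",
    "sha256": "45b9ce71c5eb6d04208767ea10c948deb47131227b53b2140e87ee6a1c0adef6",
    "sha512": (
        "505678a666a4713b94e8f32b9a2444cbaed8c079886ce8a061a1961f815bb289"
        "c7813bebbc927f4e3c48efca67ed039c2da12004e7c3693045289f7e6753c30b"
    ),
}

# Standard FIPS/RFC test vectors for the ASCII string "abc", used only to
# self-check the verifier (constructed test data, not from the report).
ABC_HASHES: Dict[str, str] = {
    "md5": "900150983cd24fb0d6963f7d28e17f72",
    "sha1": "a9993e364706816aba3e25717850c26c9cd0d89d",
    "sha256": "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
    "sha512": (
        "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a"
        "2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f"
    ),
}


def digests(data: bytes, algorithms=("md5", "sha1", "sha256", "sha512")) -> Dict[str, str]:
    """Return lowercase hex digests of `data` for every requested algorithm."""
    hashers = {name: hashlib.new(name) for name in algorithms}
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def file_digests(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file through all four hashers at once (no need to read it four times)."""
    hashers = {name: hashlib.new(name) for name in REPORT_HASHES}
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(block)
    return {name: h.hexdigest() for name, h in hashers.items()}


def verify(actual: Dict[str, str], expected: Dict[str, str]) -> Dict[str, bool]:
    """Per-algorithm match table; a digest missing from `actual` counts as a mismatch."""
    return {
        name: actual.get(name, "").lower() == value.lower()
        for name, value in expected.items()
    }


def all_match(actual: Dict[str, str], expected: Dict[str, str]) -> bool:
    """True only when every published digest is reproduced; one mismatch is enough to reject."""
    return all(verify(actual, expected).values())


if __name__ == "__main__":
    import sys
    # Usage: python verify_sample.py <path-to-sample>
    result = verify(file_digests(sys.argv[1]), REPORT_HASHES)
    for name, ok in result.items():
        print(f"{name:7s} {'OK' if ok else 'MISMATCH'}")
    sys.exit(0 if all(result.values()) else 1)
```

Compare every digest, not just MD5: MD5 and SHA-1 are both collision-broken, so a sample that matches only the MD5 column is not proof you hold the file the report describes.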

Malware Config

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules that Internet Explorer loads as plugins. They are registered by CLSID under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects and run inside the browser process, which gives malware a persistence mechanism and a vantage point over browsing sessions.

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR so that their code runs before the operating system loads, giving persistence at a level below the operating system that survives reinstalling or replacing OS files. Writing to the MBR is also what destructive wipers do, so this signature alone does not distinguish a bootkit from a disk wiper.

    • Drops file in System32 directory
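The "Writes to the Master Boot Record" signature is the one on this list that deserves a direct check on any host where the sample ran, because it is the only behaviour here that survives a clean reinstall of Windows. The script below is an added example, not tooling from the sandbox or the report: it parses a raw 512-byte MBR, validates the 0x55AA boot signature, decodes the partition table, and hashes the bootstrap code so it can be compared against a baseline taken from a known-good image. The sectors it checks are constructed in-line; on a real host the sector would be read from `\\.\PhysicalDrive0` (Windows, elevated) or `/dev/sda` (Linux, root) with `read_mbr`.

```python
"""Parse an MBR sector and detect bootstrap-code tampering against a baseline.

Added example; not part of the sandbox report. The CLEAN and TAMPERED
sectors below are constructed for the self-check and do not come from the
analysed sample.
"""
import hashlib
import struct
from typing import Dict, List

SECTOR_SIZE = 512
PT_OFFSET = 446            # partition table starts after the bootstrap code
PT_ENTRY_SIZE = 16
BOOT_SIGNATURE = b"\x55\xaa"
# Each entry: status, CHS start (3 bytes), type, CHS end (3 bytes), LBA start, sector count
PT_ENTRY_FMT = "<B3sB3sII"


def read_mbr(device_path: str) -> bytes:
    """Read the first sector of a raw device (needs administrator/root)."""
    with open(device_path, "rb") as dev:
        return dev.read(SECTOR_SIZE)


def parse_mbr(sector: bytes) -> Dict:
    """Decode signature, partition table and a digest of the bootstrap code."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError(f"expected {SECTOR_SIZE}-byte sector, got {len(sector)}")
    partitions: List[Dict] = []
    for i in range(4):
        start = PT_OFFSET + i * PT_ENTRY_SIZE
        status, _chs_start, ptype, _chs_end, lba, count = struct.unpack(
            PT_ENTRY_FMT, sector[start:start + PT_ENTRY_SIZE]
        )
        if ptype == 0:            # empty slot
            continue
        partitions.append({
            "index": i,
            "bootable": status == 0x80,
            "type": ptype,
            "lba_start": lba,
            "sectors": count,
        })
    return {
        "signature_ok": sector[510:512] == BOOT_SIGNATURE,
        "bootcode_sha256": hashlib.sha256(sector[:PT_OFFSET]).hexdigest(),
        "partitions": partitions,
    }


def bootcode_modified(sector: bytes, baseline_sha256: str) -> bool:
    """True when the bootstrap code differs from the baseline taken from a known-good image."""
    return parse_mbr(sector)["bootcode_sha256"] != baseline_sha256.lower()


def build_sample_mbr(bootcode: bytes) -> bytes:
    """Construct a minimal MBR: given bootstrap stub, one bootable NTFS-type partition, signature."""
    code = bootcode.ljust(PT_OFFSET, b"\x00")[:PT_OFFSET]
    entry = struct.pack(PT_ENTRY_FMT, 0x80, b"\x00\x00\x00", 0x07, b"\x00\x00\x00", 2048, 1_000_000)
    empty_entries = bytes(PT_ENTRY_SIZE * 3)
    return code + entry + empty_entries + BOOT_SIGNATURE


# Constructed sectors for the self-check (hypothetical, not from the sample).
CLEAN = build_sample_mbr(b"\x33\xc0\x8e\xd0")       # stand-in for a stock bootstrap stub
BASELINE_SHA256 = parse_mbr(CLEAN)["bootcode_sha256"]
TAMPERED = build_sample_mbr(b"\xe9\x00\x7c")       # same partition table, different boot code


if __name__ == "__main__":
    for label, sector in (("clean", CLEAN), ("tampered", TAMPERED)):
        info = parse_mbr(sector)
        print(label, "signature_ok=", info["signature_ok"],
              "partitions=", info["partitions"],
              "modified=", bootcode_modified(sector, BASELINE_SHA256))
```

The partition table is reported separately from the bootstrap hash on purpose: a bootkit that only hooks the boot code leaves the partition entries intact, so a comparison that hashes the whole sector would flag legitimate partition changes while a comparison of only the partition table would miss the infection. On UEFI systems with GPT disks the protective MBR still carries a signature and a single 0xEE entry, but the boot path does not execute its code, so this check is only meaningful for legacy BIOS boot.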

MITRE ATT&CK Enterprise v15

Tasks