Overview

overview

10

Static

static

7

278353d75d...d5.exe

windows7-x64

10

278353d75d...d5.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    278353d75d65518b2e314e11f78a80d5

  • Size

    9KB

  • Sample

    231231-ep6dgsfhfk

  • MD5

    278353d75d65518b2e314e11f78a80d5

  • SHA1

    4e75e986a763dabce1ae5b78cfeb25e8c682228a

  • SHA256

    3d4869eb1194f6443ed82497639778bdec6144c68fa619ee5db28f40cac88767

  • SHA512

    abca3dd3240a59d419052c5fa28b5b2d22d6e430f57d9c12a8683260d9e41fc4fa8e3eea483ee0e0292e1fddbaae9f70f97ef78349e6ee384d74abd226d1e2d1

  • SSDEEP

    192:Tb5OGSHUawxokr597j9/lhntUASVgqSB:TFO8apGRjtxVSsB

Score
10/10
adwarepersistencestealerupx

Malware Config

Targets

    • Target

      278353d75d65518b2e314e11f78a80d5

    • Size

      9KB

    • MD5

      278353d75d65518b2e314e11f78a80d5

    • SHA1

      4e75e986a763dabce1ae5b78cfeb25e8c682228a

    • SHA256

      3d4869eb1194f6443ed82497639778bdec6144c68fa619ee5db28f40cac88767

    • SHA512

      abca3dd3240a59d419052c5fa28b5b2d22d6e430f57d9c12a8683260d9e41fc4fa8e3eea483ee0e0292e1fddbaae9f70f97ef78349e6ee384d74abd226d1e2d1

    • SSDEEP

      192:Tb5OGSHUawxokr597j9/lhntUASVgqSB:TFO8apGRjtxVSsB

    Score
    10/10
    adwarepersistencestealerupx

    • Modifies WinLogon for persistence

      persistence

    • Drops file in Drivers directory

    • Sets service image path in registry

      persistence

    • Modifies system executable filetype association

      persistence

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Adds Run key to start application

      persistence

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Modifies WinLogon

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks