Overview

overview

7

Static

static

3

29b7526a7f...5a.exe

windows7-x64

7

29b7526a7f...5a.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    29b7526a7fcb2332d860077e7d23765a

  • Size

    267KB

  • Sample

    231231-fzl82acbaq

  • MD5

    29b7526a7fcb2332d860077e7d23765a

  • SHA1

    f9a2860154791cf59a3db03ec04c5c442237d5fa

  • SHA256

    2c786e36d3b30a5d575c2518b8392c270858f03414462bd81ebc9ae0456db27e

  • SHA512

    d2a55d1ae1d8a27d684e8fe93bc1028b86416c0465891dc03ac0e4dfa886e0ca08707c32bca718e1c24551e2a8cc2799176871124a2ddab74922c363b23be42f

  • SSDEEP

    6144:MY94NFghdJX6Srh6rwBsomeRK4dXlNkRux3BH1rjrti4:T9OFgJLAwBswKAqmRHNrM4

Score
7/10
adwarepersistencestealer

Malware Config

Targets

    • Target

      29b7526a7fcb2332d860077e7d23765a

    • Size

      267KB

    • MD5

      29b7526a7fcb2332d860077e7d23765a

    • SHA1

      f9a2860154791cf59a3db03ec04c5c442237d5fa

    • SHA256

      2c786e36d3b30a5d575c2518b8392c270858f03414462bd81ebc9ae0456db27e

    • SHA512

      d2a55d1ae1d8a27d684e8fe93bc1028b86416c0465891dc03ac0e4dfa886e0ca08707c32bca718e1c24551e2a8cc2799176871124a2ddab74922c363b23be42f

    • SSDEEP

      6144:MY94NFghdJX6Srh6rwBsomeRK4dXlNkRux3BH1rjrti4:T9OFgJLAwBswKAqmRHNrM4

    Score
    7/10
    adwarepersistencestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks