26e5e8eab6e58967fa019b63720ac5f22b443da1f48b7b6755ae4a52b328708c | Triage

Submit
Reports

Overview

overview

Static

static

7

NF-Submari...20.exe

windows7-x64

NF-Submari...20.exe

windows10-2004-x64

Sharing

General

Target

3707e96939b82ce6514087ba39361829
Size

21KB
Sample

231231-p763vadgfp
MD5

3707e96939b82ce6514087ba39361829
SHA1

ef6f68f69aa6cbb4a77c915712c096b3b75b8425
SHA256

26e5e8eab6e58967fa019b63720ac5f22b443da1f48b7b6755ae4a52b328708c
SHA512

71c9b783ddb49c2fb92c0c745301bb98aea6409d334f4f9b1afa5431c6f5df48a93deb8183841a1b362e2ee16ada73f65b04ffa053322ebd4561f041cd443b23
SSDEEP

384:5moy86uKGdMBsrCcLMfUsl/vUuC/izRqSO/K5Fe5R0ZfNe/kOFwArfe0xmLRi9aI:5m+SsrCcL0l/8R/iLFaR0Zfk/k8G0xoI

Score

10^/10

adware evasion stealer trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

NF-Submarino-00399220.exe

Resource

win7-20231215-en

adware evasion stealer trojan upx

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

NF-Submarino-00399220.exe

Resource

win10v2004-20231222-en

adware evasion stealer trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  NF-Submarino-00399220.exe
- Size
  
  36KB
- MD5
  
  ee0f04f2edc8bdd24118ffd335a1155a
- SHA1
  
  358e7ebf619344c9920e7f56e8d972092af4d15f
- SHA256
  
  bf0eedb045caf1ac02c69e46d96ce3284c0d6a17a5b6d51056ea9cf03ef8d06a
- SHA512
  
  568901bfcb31e5f6e4d60b1119cb1530a54990a8c91fa46e8a2727c251e84d347ed15344a2833b2918fbc1226d265e60a73f05f6494662d7c4dfdea6241d6165
- SSDEEP
  
  768:/Y4rvw2pL7jA6Y5vyBjjXb0lcZsl4IUv:/trIIjAP5vsolc1IU
Score

10^/10

adware evasion stealer trojan upx
- UAC bypass
  evasion trojan
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks whether UAC is enabled
  evasion trojan
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwareevasionstealertrojanupx

behavioral2

adwareevasionstealertrojanupx

© 2018-2025

Terms | Privacy