General

  • Target

    5796dec86f4eb6625513cb62758495b2

  • Size

    921KB

  • Sample

    240113-bjjezshhd5

  • MD5

    5796dec86f4eb6625513cb62758495b2

  • SHA1

    34f7e64ec7009b473a427797844d6f644709746d

  • SHA256

    5ce4cef82a94e958c2ca84310c356ed130f3082f0c417e9250c8002defed31fc

  • SHA512

    1bf424995a3ad468f6650741a78c87da37739f42672603c1f3e05fe06a058a2bf25c812c707e5fa24a16c7c22af5171c2c72b17a44cb2b69a05c9ee9564cff37

  • SSDEEP

    12288:V9ORtoNV13bozV+3c0NTMl3JOXdZPbpr+JlLDDY7vvEK9k4nRJ8VdRK9RKzs3QQR:KRtkc0RMlkNZAJlLXzK9k4ncszUsAQJf

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
