Overview

overview

7

Static

static

3

64d82a5f90...2b.exe

windows7-x64

7

64d82a5f90...2b.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    64d82a5f90c971a69afd939aa657dd2b

  • Size

    148KB

  • Sample

    240118-jhjy5afhf3

  • MD5

    64d82a5f90c971a69afd939aa657dd2b

  • SHA1

    0cf3ede372fc24b2dad4b34e8adb8c83c4c14b18

  • SHA256

    c7ee0f5760041d11bed9ab937909aa7d49001b2942b5a8730f4bd639c0154f97

  • SHA512

    469e0df4d9fef5b170232c1b427f56be0fa42644cd6324e3ee494338bd935ca13484e0a29d74155673810db1eca33d287112634ca6251812450015b40444b0ab

  • SSDEEP

    3072:yziUjE5x5q4QmiqKxXn/Yg1MxpQAStrvGfmd1:yziUjE32/YgKKntzGk

Score
7/10
adwarestealer

Malware Config

Targets

    • Target

      64d82a5f90c971a69afd939aa657dd2b

    • Size

      148KB

    • MD5

      64d82a5f90c971a69afd939aa657dd2b

    • SHA1

      0cf3ede372fc24b2dad4b34e8adb8c83c4c14b18

    • SHA256

      c7ee0f5760041d11bed9ab937909aa7d49001b2942b5a8730f4bd639c0154f97

    • SHA512

      469e0df4d9fef5b170232c1b427f56be0fa42644cd6324e3ee494338bd935ca13484e0a29d74155673810db1eca33d287112634ca6251812450015b40444b0ab

    • SSDEEP

      3072:yziUjE5x5q4QmiqKxXn/Yg1MxpQAStrvGfmd1:yziUjE32/YgKKntzGk

    Score
    7/10
    adwarestealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

      stealeradware

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks