3a04b56f47bba77ed0473977187e02512d68ca45b6c5281388f8cca367297bef | Triage

Submit
Reports

Overview

overview

7

Static

static

3

870cfe796e...c7.exe

windows7-x64

7

870cfe796e...c7.exe

windows10-2004-x64

7

Sharing

General

Target

870cfe796ee68557087cf7fe73e4dac7
Size

313KB
Sample

240201-q7cdxaggfr
MD5

870cfe796ee68557087cf7fe73e4dac7
SHA1

1772980420d331e5bfa229b742c41eb3d38b9e6c
SHA256

3a04b56f47bba77ed0473977187e02512d68ca45b6c5281388f8cca367297bef
SHA512

9a44bf4ea6615cbfdae0d2c40bd0d92bde36eb4198961f56ef64f24c0ec883879eb39a06d687fd5778a9d218be9c0017c12a66685280d6f830305269764f313f
SSDEEP

6144:91OgDPdkBAFZWjadD4sPGX7tlpS/5ruIy8YMYb+HVycwV:91OgLda9X77pe5ruI3YMY+EcK

Score

7^/10

adware discovery spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

870cfe796ee68557087cf7fe73e4dac7.exe

Resource

win7-20231215-en

adware discovery spyware stealer

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

870cfe796ee68557087cf7fe73e4dac7.exe

Resource

win10v2004-20231215-en

adware discovery spyware stealer

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  870cfe796ee68557087cf7fe73e4dac7
- Size
  
  313KB
- MD5
  
  870cfe796ee68557087cf7fe73e4dac7
- SHA1
  
  1772980420d331e5bfa229b742c41eb3d38b9e6c
- SHA256
  
  3a04b56f47bba77ed0473977187e02512d68ca45b6c5281388f8cca367297bef
- SHA512
  
  9a44bf4ea6615cbfdae0d2c40bd0d92bde36eb4198961f56ef64f24c0ec883879eb39a06d687fd5778a9d218be9c0017c12a66685280d6f830305269764f313f
- SSDEEP
  
  6144:91OgDPdkBAFZWjadD4sPGX7tlpS/5ruIy8YMYb+HVycwV:91OgLda9X77pe5ruI3YMY+EcK
Score

7^/10

adware discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

adwarediscoveryspywarestealer

© 2018-2025

Terms | Privacy