General

  • Target

    ItteBloxPlayerLauncherBeta.exe

  • Size

    1.4MB

  • Sample

    240218-f1jvaseg53

  • MD5

    c51bee070172210574380904002554b0

  • SHA1

    d6433097e757504b21e62e243c95d3d1b5999468

  • SHA256

    a287c3a80970f27349c0173188658538789ecdd76c0ad8fd7951bc3630540f2b

  • SHA512

    4d55d2ee443548ef9e83cec21c240cd424a8f158fcf61cdd5cbbd2b44301480f1e2d9c5f4de66b02fb77709e2a8363ae13006b53bfbcc8d1a7b3a3f808096c67

  • SSDEEP

    24576:VmZLxZS26vc1m/zeZVxeX3ZSZEKsPbTLgQ5mNoFOf4Bb:WTSeyHXJSUDTLFgoW4Bb

Malware Config

Targets

    • Target

      ItteBloxPlayerLauncherBeta.exe

    • Checks computer location settings

      Looks up the country code configured in the registry, likely used as a geofence so the sample only runs in (or avoids) particular regions.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and other sensitive profile contents.

    • Registers COM server for autorun

    • Checks installed software on the system

      Enumerates entries under the registry Uninstall key to discover the software installed on the system.

    • Checks whether UAC is enabled
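
Each signature above is a read or write of a well-known registry or file location, so the same logic can be run over a sandbox event trace to reproduce them. The following Python is an added example written for this page, not the sandbox vendor's own detection code: the registry and file paths are the standard locations each behaviour touches, the event trace at the bottom is constructed, and the CLSID in it is a placeholder. It also covers "Loads dropped DLL", which needs state (an image load of a path the sample itself wrote earlier), and deliberately does not fire the COM rule on a plain read of an InprocServer32 key, since that is what every COM client does.

```python
"""Map sandbox-style registry and file events onto the behavioural
signatures listed in this report.

Added example: not the sandbox's detection engine. The locations below
are the well-known places each behaviour touches; the trace at the
bottom is constructed to exercise the rules.
"""
import re
from collections import defaultdict
from dataclasses import dataclass

REG_READ = frozenset({"RegOpenKey", "RegQueryValue", "RegEnumKey", "RegEnumValue"})
REG_WRITE = frozenset({"RegCreateKey", "RegSetValue"})
FILE_READ = frozenset({"FileOpen", "FileRead"})


@dataclass(frozen=True)
class Rule:
    name: str        # signature name as it appears in the report
    ops: frozenset   # event operations that count for this rule
    patterns: tuple  # regexes searched against the event path

    def matches(self, op: str, path: str) -> bool:
        return op in self.ops and any(
            re.search(p, path, re.IGNORECASE) for p in self.patterns
        )


RULES = (
    # Geo\Nation holds the GeoID chosen in Region settings; reading it (or
    # the NLS language key) early in execution is the usual geofence pattern.
    Rule("Checks computer location settings", REG_READ, (
        r"\\Control Panel\\International\\Geo\\Nation$",
        r"\\Control\\Nls\\Language\\",
    )),
    Rule("Checks installed software on the system", REG_READ, (
        r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\",
    )),
    Rule("Checks whether UAC is enabled", REG_READ, (
        r"\\Policies\\System\\EnableLUA$",
    )),
    # Only a *write* under a per-user CLSID's InprocServer32 is registration;
    # reading the same key must not fire.
    Rule("Registers COM server for autorun", REG_WRITE, (
        r"^HKCU\\Software\\Classes\\CLSID\\\{[0-9A-F-]+\}\\InprocServer32",
    )),
    Rule("Reads user/profile data of web browsers", FILE_READ, (
        r"\\User Data\\[^\\]+\\(Login Data|Cookies|Web Data)$",
        r"\\Mozilla\\Firefox\\Profiles\\[^\\]+\\logins\.json$",
    )),
)


def classify(events):
    """Return {signature name: [paths that triggered it]} for a list of
    (operation, path) events, in trace order. Stateless rules come from
    RULES; 'Loads dropped DLL' is stateful: an image load of a path the
    sample wrote earlier in the same trace."""
    hits = defaultdict(list)
    written = set()
    for op, path in events:
        for rule in RULES:
            if rule.matches(op, path):
                hits[rule.name].append(path)
        if op == "FileWrite":
            written.add(path.lower())
        elif op == "LoadImage" and path.lower() in written:
            hits["Loads dropped DLL"].append(path)
    return dict(hits)


def triggered(events):
    """Sorted signature names, the form in which a report lists them."""
    return sorted(classify(events))


# Constructed trace (not from the sandbox run) covering every signature in
# the report plus two benign events that must not match.
SAMPLE_EVENTS = [
    ("RegQueryValue", r"HKCU\Control Panel\International\Geo\Nation"),
    ("RegEnumKey", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SomeApp"),
    ("RegQueryValue", r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA"),
    ("FileWrite", r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    ("LoadImage", r"C:\Users\user\AppData\Local\Temp\helper.dll"),
    # placeholder CLSID, not a real one
    ("RegSetValue", r"HKCU\Software\Classes\CLSID\{00000000-0000-0000-0000-000000000000}\InprocServer32\(Default)"),
    ("FileRead", r"C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Login Data"),
    # benign: a read of the CLSID key is ordinary COM activation, not registration
    ("RegQueryValue", r"HKCU\Software\Classes\CLSID\{00000000-0000-0000-0000-000000000000}\InprocServer32"),
    # benign: system DLL, not dropped by the sample
    ("LoadImage", r"C:\Windows\System32\kernel32.dll"),
]

if __name__ == "__main__":
    for name, paths in classify(SAMPLE_EVENTS).items():
        print(f"{name}: {paths}")
```

The op gating is the part worth keeping when adapting this to a real trace: the registry-read rules are noisy on their own and are only meaningful in combination, whereas the COM rule keyed on writes and the dropped-DLL rule keyed on write-then-load are each strong signals by themselves.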

MITRE ATT&CK Enterprise v15

Tasks