Overview

overview

7

Static

static

3

a45afd7bd5...98.exe

windows7-x64

3

a45afd7bd5...98.exe

windows10-2004-x64

3

$PLUGINSDI...er.dll

windows7-x64

3

$PLUGINSDI...er.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

ShopAtHome...st.exe

windows7-x64

1

ShopAtHome...st.exe

windows10-2004-x64

7

ShopAtHome...nd.exe

windows7-x64

1

ShopAtHome...nd.exe

windows10-2004-x64

1

ShopAtHome...in.dll

windows7-x64

1

ShopAtHome...in.dll

windows10-2004-x64

1

ShopAtHome...er.exe

windows7-x64

3

ShopAtHome...er.exe

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows7-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDIR/UAC.dll

windows7-x64

3

$PLUGINSDIR/UAC.dll

windows10-2004-x64

3

$PLUGINSDI...fo.dll

windows7-x64

3

$PLUGINSDI...fo.dll

windows10-2004-x64

3

ShopAtHomeHelper.exe

windows7-x64

ShopAtHomeHelper.exe

windows10-2004-x64

ShopAtHome...PS.dll

windows7-x64

1

ShopAtHome...PS.dll

windows10-2004-x64

1

ShopAtHomeWatcher.exe

windows7-x64

1

ShopAtHomeWatcher.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    a45afd7bd59ccabaef1ac33a52209698

  • Size

    1.6MB

  • MD5

    a45afd7bd59ccabaef1ac33a52209698

  • SHA1

    a5aebbd30198bd8dbe72f04ea62c1c5c0887caea

  • SHA256

    52e3e010f6befadf81406ddd14b9302361c590769a699c0dd96cea5f8f7906d9

  • SHA512

    2b4c75adfdf46f6ecc8f51378250d187979fedfc79cf25743f2fcecdee9f3ad7879769942b8dd8c19a431336a460349d90d41b7005457f42d58dde612cd1944f

  • SSDEEP

    49152:NN8QWUAVvTHuUUQp5oas2d+rLMYTla3k/:NJjAVvLCQpNOl+k/

Score
3/10

Malware Config

Signatures

  • Unsigned PE 11 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 4 IoCs
    installer

Files

  • a45afd7bd59ccabaef1ac33a52209698
    .exe windows:5 windows x86 arch:x86

    f14aba31075188e8a83ea826ace3eca3


    Headers

    Imports

    Sections

  • $PLUGINSDIR/HTTPHelper.dll
    .dll windows:4 windows x86 arch:x86

    0e72c770c257ac8e3bf41f9ae25782bd


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:5 windows x86 arch:x86

    1f8074a193b10b2b403ed3682d545693


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:5 windows x86 arch:x86

    aaa34d9251e34ceebd6bf5066471d799


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    40ffeaaff4dd6648ff7802eda4676ee6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/modern-header.bmp
  • $PLUGINSDIR/modern-wizard.bmp
  • $PLUGINSDIR/nsDialogs.dll
    .dll windows:5 windows x86 arch:x86

    8349690a00ef0e1a0e53b015791d4cf4


    Headers

    Imports

    Exports

    Sections

  • ShopAtHomeToolbar/ClearHist.exe
    .exe windows:5 windows x86 arch:x86

    6e618e5cbaee5b1f71fb9098ed8fd9a1


    Code Sign

    Headers

    Imports

    Sections

  • ShopAtHomeToolbar/IE8GuardWorkaround.exe
    .exe windows:5 windows x86 arch:x86

    ec70ce5450a6824ada5ecf87d1dbb937


    Code Sign

    Headers

    Imports

    Sections

  • ShopAtHomeToolbar/Merchants.xml
    .xml
  • ShopAtHomeToolbar/Prefs.xml
    .xml .vbs
  • ShopAtHomeToolbar/SAHPlugin.dll
    .dll windows:5 windows x86 arch:x86

    cd3aa0eb0ec2616efaa9f8fbe1065c95


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • ShopAtHomeToolbar/SAH_favicon.ico
  • ShopAtHomeToolbar/ShopAtHomeHelperInstaller.exe
    .exe windows:5 windows x86 arch:x86

    f14aba31075188e8a83ea826ace3eca3


    Headers

    Imports

    Sections

  • $PLUGINSDIR/KillProcDLL.dll
    .dll windows:5 windows x86 arch:x86

    1f8074a193b10b2b403ed3682d545693


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UAC.dll
    .dll windows:4 windows x86 arch:x86

    40ffeaaff4dd6648ff7802eda4676ee6


    Headers

    Imports

    Exports

    Sections

  • $PLUGINSDIR/UserInfo.dll
    .dll windows:5 windows x86 arch:x86

    6bc108eed3ca99f68adee56e9c99fac6


    Headers

    Imports

    Exports

    Sections

  • ShopAtHomeHelper.exe
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections

  • ShopAtHomeHelperPS.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    bcfcd7a3eb19d99670cc0c86c5bf70bf


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • ShopAtHomeWatcher.exe
    .exe windows:5 windows x86 arch:x86

    fa5399e59aad137dbed3586a31c735a4


    Code Sign

    Headers

    Imports

    Sections

  • alert.html
    .js
  • logo.png
    .png
  • ShopAtHomeToolbar/ShopAtHomeUninstallA.exe
    .exe windows:4 windows x86 arch:x86

    e7d4c33538f236789b7d3d577b7b4505


    Code Sign

    Headers

    Imports

    Sections

  • ShopAtHomeToolbar/TbCommonUtils.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    e557a8b0ea8064d8f3723c6f5ab20c71


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • ShopAtHomeToolbar/TbHelper2.exe
    .exe windows:5 windows x86 arch:x86

    0909f3c20ec8912cd0e0431e47db74b5


    Code Sign

    Headers

    Imports

    Sections

  • ShopAtHomeToolbar/basis.xml
    .xml .js polyglot
  • ShopAtHomeToolbar/icons.bmp
  • ShopAtHomeToolbar/logo.png
    .png
  • ShopAtHomeToolbar/minus.png
    .png
  • ShopAtHomeToolbar/plus.png
    .png
  • ShopAtHomeToolbar/sahtb-alert.png
    .png
  • ShopAtHomeToolbar/sahtb-clearsearch.png
    .png
  • ShopAtHomeToolbar/sahtb-comment.png
    .png
  • ShopAtHomeToolbar/sahtb-contests.png
    .png
  • ShopAtHomeToolbar/sahtb-freecoupons.png
    .png
  • ShopAtHomeToolbar/sahtb-freesamples.png
    .png
  • ShopAtHomeToolbar/sahtb-go.png
    .png
  • ShopAtHomeToolbar/sahtb-grocerycoupons.png
    .png
  • ShopAtHomeToolbar/sahtb-information.png
    .png
  • ShopAtHomeToolbar/sahtb-mysah.png
    .png
  • ShopAtHomeToolbar/sahtb-options.png
    .png
  • ShopAtHomeToolbar/sahtb-restaurant.png
    .png
  • ShopAtHomeToolbar/sahtb-wishlist.png
    .png
  • ShopAtHomeToolbar/tbcore3U.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    420384bd60a9b05b21cfc29945420a3f


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • ShopAtHomeToolbar/tbhelper.dll
    .dll regsvr32 windows:5 windows x86 arch:x86

    d520ad1b73d0db540ace0c2c37782c58


    Code Sign

    Headers

    Imports

    Exports

    Sections

  • ShopAtHomeToolbar/tbs_include_script_externalsearch.js
    .js
  • ShopAtHomeToolbar/tbs_include_script_showhidetoolbar.js
    .js
  • ShopAtHomeToolbar/uninstall.exe
    .exe windows:5 windows x86 arch:x86

    91d4c4cb5a2fee19d37d0d10a1f9e2ed


    Code Sign

    Headers

    Imports

    Sections

  • ShopAtHomeToolbar/update.exe
    .exe windows:5 windows x86 arch:x86

    07e21fd5a97bb733b3a019966e68c77e


    Code Sign

    Headers

    Imports

    Sections

  • ShopAtHomeToolbar/version.txt