General

  • Target

    c6b251ca81085f54c93a381d656187ac

  • Size

    148KB

  • Sample

    240313-x919daea21

  • MD5

    c6b251ca81085f54c93a381d656187ac

  • SHA1

    610147f93f32a46148414a41de69e583b489caae

  • SHA256

    398d529eefcdc8e44bddd8127453a405397e4c73e4277b2d2105c39960c85425

  • SHA512

    299b7b0b6976061a73dcf55978484b25389890ee49b36941777dd71167fa36be6335dd6c6be6134d0982dec2cea5ada35c6d0e2c7cfbfe698a1c1db1f6d0a0a2

  • SSDEEP

    3072:yziUjE5x5q4QmiqKxXn/Yg1MxpQAStrvGfmdd:yziUjE32/YgKKntzGM

Score
7/10

Targets

    • Target

      c6b251ca81085f54c93a381d656187ac

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory
