General

  • Target

    ca89c4fdf654198caaa54ae812c9e234

  • Size

    704KB

  • Sample

    240315-flpr1aah28

  • MD5

    ca89c4fdf654198caaa54ae812c9e234

  • SHA1

    c7556956295acefd1db3b15a448528124d1c6aa1

  • SHA256

    7d3710bbf5ef28c73af1f43f56a3a75d632288d399fc6f2db0287a047e742236

  • SHA512

    259f14492e776d9850b7453e93623e98c9b1bdb1dfd14c7e702f91b16f0a14f8977dcd13d65efcd4b9c7dbfeb4c4b5098329a39df74077623f5c47fd5bdcbac8

  • SSDEEP

    12288:t9OJQeJC4Sg+bcDjXo4VrsgR7uTIxYaampzHXqveNF80RMLfsEUX4szdTvd1L:yE45+YXVrsuvCxmpzacFlgfKXHLn

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.
