General

  • Target

    cdbbf9b224fd679ca874d24c327e644d

  • Size

    655KB

  • Sample

    240316-lrkm5agd6z

  • MD5

    cdbbf9b224fd679ca874d24c327e644d

  • SHA1

    bfde41dd372f473e9d1beea0c69f7ad5427bb673

  • SHA256

    8f76a06f1c3bba23423c664689552bbab5793dd0c8f0e0f516f3711c1d70efb3

  • SHA512

    33b2781b03eecbd8e4179dbe957d05ab137cd1704e3847db463d446b63ac980aef089147d672e2fe43faeb9f467b68159abc01e2db629461b71b95e5a33f5152

  • SSDEEP

    12288:59OTZYqehu/bXT6rthNm7HVkKMdPoQegsGT3rVG92GwCaTEULhT5:+lYqesbjkjUHCKYrT35G92tCC1T5

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Installs/modifies Browser Helper Object

      BHOs are DLL modules which act as plugins for Internet Explorer.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks