7580b43d971e0fdff2f72d6b67668a2353626b4caeb8cb190549b8cd48567cb3 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

Software-I...up.exe

windows7-x64

7

Software-I...up.exe

windows10-2004-x64

7

Sharing

General

Target

MDE_File_Sample_8aa22dbe926b6a4bccb09b37dd9f61b68adbb510.zip
Size

4.3MB
Sample

240422-r2x9vscf31
MD5

6828d4d83e4136cfaaccbc95dd49c5c5
SHA1

7f49da123aa736efb5a93f87d3a823cc4c590bbb
SHA256

7580b43d971e0fdff2f72d6b67668a2353626b4caeb8cb190549b8cd48567cb3
SHA512

dd32d9a6f3ace25a645af3bc46f1df86b4552c964d5ff015beef0234e709ad790ac32cb7a238b6024a97827b5be256eb3b86eeac5823c9a6a7934bb7a1d54c47
SSDEEP

98304:uaaNOK2YIV1m1yhxBVLnZTuO4NcQc8CYsfsOTl8tSGoOvPojlaVCi0e:naxk1xBVlR4tEYsfzT/OvUltq

Score

7^/10

adware discovery spyware stealer

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Software-Inventur-Setup.exe

Resource

win7-20240215-en

adware discovery spyware stealer

windows7-x64

17 signatures

150 seconds

Behavioral task

behavioral2

Sample

Software-Inventur-Setup.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  Software-Inventur-Setup.exe
- Size
  
  4.4MB
- MD5
  
  c9b462391e719eb5027b1eafd72a73a4
- SHA1
  
  8aa22dbe926b6a4bccb09b37dd9f61b68adbb510
- SHA256
  
  78e0b247d31ab5a9c3a4313ecdd5b0d7aed0d8ccb1787b835d0e196acb8680a7
- SHA512
  
  d61cf2201e64cc81346dd900c200d4b3b5a97cb95d5c84ce80f6070dfe84dedd16ebba132918240390313646184b8b7ba1cc87ef04d073b7c9a8e51a2da892f2
- SSDEEP
  
  98304:uhFJvfL3I/UEiLs9pywX6SRoS9uJe7BbVdQ7r+6fLAvZadvFppceQQdrNcH5H:wFFrEDvqyZ9uJCFQv+6fLN3VkZH
Score

7^/10

adware discovery spyware stealer
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Unsecured Credentials

Credentials In Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

adwarediscoveryspywarestealer

behavioral2

© 2018-2024

Terms | Privacy