Overview

overview

7

Static

static

3

tor-browse...14.exe

windows7-x64

7

tor-browse...14.exe

windows10-2004-x64

7

Browser/pl...er.exe

windows7-x64

1

Browser/pl...er.exe

windows10-2004-x64

1

Browser/updater.exe

windows7-x64

1

Browser/updater.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tor-browser-windows-x86_64-portable-13.0.14.exe

  • Size

    99.7MB

  • Sample

    240425-ls3v4ahe83

  • MD5

    756994cbc174b3e69dcb4377e8a7b3c2

  • SHA1

    2fb14aceba0c8df3478aaf8c039d76c6abe3ac36

  • SHA256

    8738a94ae5290d577f3aa700e918239a4bcdbe91d41d201434dc93620617997b

  • SHA512

    a870822e4268b04f1fa8b937e1b1be29286df4492173e2fe5f21d4bff1aa69ba8f8e50670a40b5a372ff2bf23a1881ae9417fc36c20c03bcb9166afd64c22a17

  • SSDEEP

    3145728:kuNbhCOwoW3EaXaXs9Z5kRCQq7fV75gNj:ku5jwofqZ50q7frgNj

Score
7/10
evasiontrojan

Malware Config

Targets

    • Target

      tor-browser-windows-x86_64-portable-13.0.14.exe

    • Size

      99.7MB

    • MD5

      756994cbc174b3e69dcb4377e8a7b3c2

    • SHA1

      2fb14aceba0c8df3478aaf8c039d76c6abe3ac36

    • SHA256

      8738a94ae5290d577f3aa700e918239a4bcdbe91d41d201434dc93620617997b

    • SHA512

      a870822e4268b04f1fa8b937e1b1be29286df4492173e2fe5f21d4bff1aa69ba8f8e50670a40b5a372ff2bf23a1881ae9417fc36c20c03bcb9166afd64c22a17

    • SSDEEP

      3145728:kuNbhCOwoW3EaXaXs9Z5kRCQq7fV75gNj:ku5jwofqZ50q7frgNj

    Score
    7/10
    evasiontrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

    • Target

      Browser/plugin-container.exe

    • Size

      1.1MB

    • MD5

      db76dc430765dbee6e1e3bf75e68dd84

    • SHA1

      69fbdfdd3a38aed3e23a7c9119e6b336cd27400c

    • SHA256

      c44d12d4c7c3d0f5800e0e14e81b0202869e83d941d13fddeaa54f57b83f2038

    • SHA512

      a8bb8795eb6b466cabd7026231a75ee69a80d640670887d427fb3d8043011f82f4883c7bf4e48d507fb2a150a185136f3f1e16d1af9b180743e92dc9d77f74d9

    • SSDEEP

      12288:vCUMkM3saxa/LJvroZnUR0w5PBPupcXgYrcCTFmTvifcPgmJeyofy5C:/MkUaLJvRR0w5ObOgT7PgmJ1oF

    Score
    1/10
    behavioral3behavioral4

    • Target

      Browser/updater.exe

    • Size

      462KB

    • MD5

      b7800c255dc775b867a85f733ac95eba

    • SHA1

      f415e9ea6d76c5ea6ee120f432078bb35f0dcba7

    • SHA256

      8c34eb58965949018953b3288345a1743d2ec5eb50b3a9feb47c7d242627b989

    • SHA512

      2689fd11c35032c9b8dd629d8feea70012368046d5b97beda746e57330e5548135194f90df1339bf7438aec646bd79cfac670474b1079d3233d49a35d1458c30

    • SSDEEP

      6144:oKbO3Wt4PjGLWTHVKYGUKfSegCymnzWWlBEgbhLEHPnjZ4pjSFC+k5moWLJg3Pfc:rbOM4KgsYGUKfSOymnzHDdmoWLJAdGy

    Score
    1/10
    behavioral5behavioral6

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

3
T1082

Query Registry

1
T1012

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks