0eca5a1dd1b70d7cf6c75d963a1672d2491258dfd08b0f389895b64a51b8ba05 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

MicrosoftE...up.exe

windows10-2004-x64

6

Sharing

General

Target

MicrosoftEdgeSetup.exe
Size

1.5MB
Sample

240524-yw95sshg88
MD5

141a156dbeae111b2a1cc95a18a24640
SHA1

9c481cc341bbce0d8fbf519e9dc652ccc850f49f
SHA256

0eca5a1dd1b70d7cf6c75d963a1672d2491258dfd08b0f389895b64a51b8ba05
SHA512

64465fcc28cc661fb67abdd6fc9a6211993a4db9b18f679cfcb2d0ecf56700a8815beda9db23196122dea9e131cd32cd9116d46710efcacaf615b363b5272884
SSDEEP

49152:3iEa3Vj78yu236hnj5DKXleER68Iw8RwaV8n3X:3iBXnqBNDcleYLIw8eaV8X

Score

6^/10

adware discovery persistence stealer

Static task

static1

Behavioral task

behavioral1

Sample

MicrosoftEdgeSetup.exe

Resource

win10v2004-20240508-en

adware discovery persistence stealer

windows10-2004-x64

27 signatures

1800 seconds

Malware Config

Targets

- Target
  
  MicrosoftEdgeSetup.exe
- Size
  
  1.5MB
- MD5
  
  141a156dbeae111b2a1cc95a18a24640
- SHA1
  
  9c481cc341bbce0d8fbf519e9dc652ccc850f49f
- SHA256
  
  0eca5a1dd1b70d7cf6c75d963a1672d2491258dfd08b0f389895b64a51b8ba05
- SHA512
  
  64465fcc28cc661fb67abdd6fc9a6211993a4db9b18f679cfcb2d0ecf56700a8815beda9db23196122dea9e131cd32cd9116d46710efcacaf615b363b5272884
- SSDEEP
  
  49152:3iEa3Vj78yu236hnj5DKXleER68Iw8RwaV8n3X:3iBXnqBNDcleYLIw8eaV8X
Score

6^/10

adware discovery persistence stealer
- Adds Run key to start application
  persistence
- Downloads MZ/PE file
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

adwarediscoverypersistencestealer

© 2018-2024

Terms | Privacy