General

  • Target

    17535957862.zip

  • Size

    1016KB

  • Sample

    240531-hr8heaaf4t

  • MD5

    9b66717517ba33136fc2a0e3a155cd47

  • SHA1

    7ad583310a17159bfba2dc7f71ea469fa781a8a1

  • SHA256

    27488792792bbbb1253e1a2622e3a6af8339003aef385337e4f8e8e02099345a

  • SHA512

    946bac388fe77f5b26d46210005f7111ab90ae29192a436353a0ee85e631dc5b979a16ec0fe6e357b411ae98a082da047639db71fed1f9424677c72f52731ed0

  • SSDEEP

    24576:Ia7H7NunptWJzzscwvpDp+sPjz6lag1aMQ4:VIaFCvpN+sATsML


Targets

    • Target

      fb6b1171776554a808c62f4045f5167603f70bf7611de64311ece0624b365397

    • Size

      1.0MB

    • MD5

      1e02d6aa4a199448719113ae3926afb2

    • SHA1

      f1eff6451ced129c0e5c0a510955f234a01158a0

    • SHA256

      fb6b1171776554a808c62f4045f5167603f70bf7611de64311ece0624b365397

    • SHA512

      7d0f1416beb8c141ee992fe594111042309690c00741dff8f9f31b4652ed6a96b57532780e3169391440076d7ace63966fab526a076adcdc7f7ab389b4d0ff98

    • SSDEEP

      24576:eLMeYSiGTpTLDxxwqQcqOj5eyHox6ZGmAuXE7ZBlbT:+PbVvwqQpoLHontDrlbT

    • Sets service image path in registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Registers COM server for autorun

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Checks whether UAC is enabled

    • Target

      Unlocker.exe

    • Size

      122KB

    • MD5

      0a77f732624155a215f5ca54df9b2930

    • SHA1

      172bdf71343dd6544cfbe04abbc3dec4535f7d84

    • SHA256

      a0b651038c4301f70e4aea506eb90edc584a5c4ca46880c7dc2ae5eafa6dc506

    • SHA512

      6482c9fc3b5ff9d5798deb9965b4dfab9ba62b889e921011696f29dd96b813194a59f76a52a88fa4962317c6a43a21122c857e4ca80c6c4360c2cee544117352

    • SSDEEP

      1536:QjL8UYqusRZHN+R6iJBf232Qxl1D5ljFerDUF7TGMvB+xpgGfGlbPMcpEkAEAG+L://sRZt+R6+232QLADzMvYonfgQ/Y39

    Score: 8/10

    • Target

      UnlockerInject32.exe

    • Size

      11KB

    • MD5

      5b964dbcc99edee45a6f235417713a93

    • SHA1

      e65bb79a470a509a50b4c275c10bc10892ab11ca

    • SHA256

      3b1afea2711e5d731a60b41e87f4711fe1db3345fa316be20347376068479dd5

    • SHA512

      60dd41e0434fcc7d6d57a02d69cd47c2b74c9c18316f59aee88da087c22c3e8408aa94ab9738edc1b229db8f83e620354394ae3847e216c2bce33dc0d3e62743

    • SSDEEP

      192:kpjAiTRs0TjebH947yowJL/W6Mgb5+ebCfYEQpkqs1I5Zgjl5w:kWIsUgHqYJLygbPbCQW1M6jk

    Score: 1/10
