66149576d890bc4db0ebe928f9389c0f81ed59942d5bb1142689650ba7e3fb42 | Triage

Submit
Reports

Overview

overview

6

Static

static

1

MicrosoftE...64.msi

windows7-x64

6

MicrosoftE...64.msi

windows10-2004-x64

6

Sharing

General

Target

MicrosoftEdgeEnterpriseX64.msi
Size

171.4MB
Sample

240610-mw9cqagg92
MD5

6d74fe21e272b02ef1668dc5e10c3f92
SHA1

181e6171cba45fa8580e06d0c5cf124bed11b594
SHA256

66149576d890bc4db0ebe928f9389c0f81ed59942d5bb1142689650ba7e3fb42
SHA512

03591653e350b0be05266c2de8b4e1d415e879226994809d18944f64f7b9ce8bc908908a1b6f5857a3dcaf3a3c1119935b29025c8f9d877da55b5d9e73188f72
SSDEEP

3145728:5q9BGjNuTtJsRD+sngZJy3Dj1Wbe+f/wsl2nhyE7devu9ZmXDvfVmuN1UKUo3Foh:5q9UNaq+sgKDjY9n+XheP71SmWZDx

Score

6^/10

adware discovery persistence stealer

Static task

static1

Behavioral task

behavioral1

Sample

MicrosoftEdgeEnterpriseX64.msi

Resource

win7-20240508-en

discovery persistence

windows7-x64

19 signatures

150 seconds

Behavioral task

behavioral2

Sample

MicrosoftEdgeEnterpriseX64.msi

Resource

win10v2004-20240508-en

adware persistence stealer

windows10-2004-x64

24 signatures

150 seconds

Malware Config

Targets

- Target
  
  MicrosoftEdgeEnterpriseX64.msi
- Size
  
  171.4MB
- MD5
  
  6d74fe21e272b02ef1668dc5e10c3f92
- SHA1
  
  181e6171cba45fa8580e06d0c5cf124bed11b594
- SHA256
  
  66149576d890bc4db0ebe928f9389c0f81ed59942d5bb1142689650ba7e3fb42
- SHA512
  
  03591653e350b0be05266c2de8b4e1d415e879226994809d18944f64f7b9ce8bc908908a1b6f5857a3dcaf3a3c1119935b29025c8f9d877da55b5d9e73188f72
- SSDEEP
  
  3145728:5q9BGjNuTtJsRD+sngZJy3Dj1Wbe+f/wsl2nhyE7devu9ZmXDvfVmuN1UKUo3Foh:5q9UNaq+sgKDjY9n+XheP71SmWZDx
Score

6^/10

discovery persistence adware stealer
- Blocklisted process makes network request
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
- Modifies Installed Components in the registry
  persistence
- Sets file execution options in registry
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Browser Extensions

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

adwarepersistencestealer

© 2018-2025

Terms | Privacy