3a124647617...1N.exe
windows7-x64
3a124647617...1N.exe
windows10-2004-x64
3$PLUGINSDI...er.dll
windows7-x64
3$PLUGINSDI...er.dll
windows10-2004-x64
3$PLUGINSDI...LL.dll
windows7-x64
3$PLUGINSDI...LL.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDIR/UAC.dll
windows7-x64
3$PLUGINSDIR/UAC.dll
windows10-2004-x64
3ShopAtHome...st.exe
windows7-x64
3ShopAtHome...st.exe
windows10-2004-x64
7ShopAtHome...nd.exe
windows7-x64
3ShopAtHome...nd.exe
windows10-2004-x64
3ShopAtHome...in.dll
windows7-x64
3ShopAtHome...in.dll
windows10-2004-x64
3ShopAtHome...lA.exe
windows7-x64
7ShopAtHome...lA.exe
windows10-2004-x64
7ShopAtHome...ls.dll
windows7-x64
3ShopAtHome...ls.dll
windows10-2004-x64
3ShopAtHome...r2.exe
windows7-x64
3ShopAtHome...r2.exe
windows10-2004-x64
3ShopAtHome...3U.dll
windows7-x64
6ShopAtHome...3U.dll
windows10-2004-x64
6ShopAtHome...er.dll
windows7-x64
3ShopAtHome...er.dll
windows10-2004-x64
3ShopAtHome...rch.js
windows7-x64
3ShopAtHome...rch.js
windows10-2004-x64
3ShopAtHome...bar.js
windows7-x64
3ShopAtHome...bar.js
windows10-2004-x64
3ShopAtHome...ll.exe
windows7-x64
3ShopAtHome...ll.exe
windows10-2004-x64
7General
-
Target
a124647617b598e1bf34fe07770d0d6b1a9aab8aa5167949b9693d16046bc291N
-
Size
1.1MB
-
Sample
241021-jlmjesxbrm
-
MD5
395feb0db0a8204d4eb9206873b7f9b0
-
SHA1
0474219d57e3410906ca5cf27f363eff8db1e3c5
-
SHA256
a124647617b598e1bf34fe07770d0d6b1a9aab8aa5167949b9693d16046bc291
-
SHA512
56eb5b7a440215675a338c9e24422d17642a339410662ffb538f16b3406eb55376009115164f7e842166aa98ab9e3f9af9917268a705e74d542c65116f2e204c
-
SSDEEP
24576:qVOYQIRPK/Z1DFc/nGKDzyZZ2eYvgNgS1GoElig44vIPybuioo:sUD0Gmy/2eelS1pvY7iioo
Static task
static1
Behavioral task
behavioral1
Sample
a124647617b598e1bf34fe07770d0d6b1a9aab8aa5167949b9693d16046bc291N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
a124647617b598e1bf34fe07770d0d6b1a9aab8aa5167949b9693d16046bc291N.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/HTTPHelper.dll
Resource
win7-20240903-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/HTTPHelper.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral5
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win7-20240903-en
Behavioral task
behavioral6
Sample
$PLUGINSDIR/KillProcDLL.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20241010-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral9
Sample
$PLUGINSDIR/UAC.dll
Resource
win7-20241010-en
Behavioral task
behavioral10
Sample
$PLUGINSDIR/UAC.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral11
Sample
ShopAtHomeToolbar/ClearHist.exe
Resource
win7-20240708-en
Behavioral task
behavioral12
Sample
ShopAtHomeToolbar/ClearHist.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral13
Sample
ShopAtHomeToolbar/IE8GuardWorkaround.exe
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
ShopAtHomeToolbar/IE8GuardWorkaround.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral15
Sample
ShopAtHomeToolbar/SAHPlugin.dll
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
ShopAtHomeToolbar/SAHPlugin.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral17
Sample
ShopAtHomeToolbar/ShopAtHomeUninstallA.exe
Resource
win7-20240903-en
Behavioral task
behavioral18
Sample
ShopAtHomeToolbar/ShopAtHomeUninstallA.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral19
Sample
ShopAtHomeToolbar/TbCommonUtils.dll
Resource
win7-20241010-en
Behavioral task
behavioral20
Sample
ShopAtHomeToolbar/TbCommonUtils.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral21
Sample
ShopAtHomeToolbar/TbHelper2.exe
Resource
win7-20240708-en
Behavioral task
behavioral22
Sample
ShopAtHomeToolbar/TbHelper2.exe
Resource
win10v2004-20241007-en
Behavioral task
behavioral23
Sample
ShopAtHomeToolbar/tbcore3U.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
ShopAtHomeToolbar/tbcore3U.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral25
Sample
ShopAtHomeToolbar/tbhelper.dll
Resource
win7-20240708-en
Behavioral task
behavioral26
Sample
ShopAtHomeToolbar/tbhelper.dll
Resource
win10v2004-20241007-en
Behavioral task
behavioral27
Sample
ShopAtHomeToolbar/tbs_include_script_externalsearch.js
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
ShopAtHomeToolbar/tbs_include_script_externalsearch.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral29
Sample
ShopAtHomeToolbar/tbs_include_script_showhidetoolbar.js
Resource
win7-20240903-en
Behavioral task
behavioral30
Sample
ShopAtHomeToolbar/tbs_include_script_showhidetoolbar.js
Resource
win10v2004-20241007-en
Behavioral task
behavioral31
Sample
ShopAtHomeToolbar/uninstall.exe
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
ShopAtHomeToolbar/uninstall.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
a124647617b598e1bf34fe07770d0d6b1a9aab8aa5167949b9693d16046bc291N
-
Size
1.1MB
-
MD5
395feb0db0a8204d4eb9206873b7f9b0
-
SHA1
0474219d57e3410906ca5cf27f363eff8db1e3c5
-
SHA256
a124647617b598e1bf34fe07770d0d6b1a9aab8aa5167949b9693d16046bc291
-
SHA512
56eb5b7a440215675a338c9e24422d17642a339410662ffb538f16b3406eb55376009115164f7e842166aa98ab9e3f9af9917268a705e74d542c65116f2e204c
-
SSDEEP
24576:qVOYQIRPK/Z1DFc/nGKDzyZZ2eYvgNgS1GoElig44vIPybuioo:sUD0Gmy/2eelS1pvY7iioo
Score3/10 -
-
-
Target
$PLUGINSDIR/HTTPHelper.dll
-
Size
48KB
-
MD5
b11d158be8a3b8932e63a22af502be76
-
SHA1
48f244148e48fe7c5912dbb86a0e0ed9bb089c22
-
SHA256
94f3dd6cb7ab6735afc1752b237462eb5722538c615c82f416ab6b5b485a33ee
-
SHA512
1ff76bab85950bc711b6c0fb4222255eff677512ae0c0d8b4531fdae8f9726cea17aec9056e4bf9404217003f0ebe3e404272461b66a06751d270a3ca7b64b15
-
SSDEEP
768:Xd0otXWqIYT3nMHoZqcxZTmXOMesGNijpGTKPIDA3ojWjtb:tgm/zTmXwsGNi1xo0J
Score3/10 -
-
-
Target
$PLUGINSDIR/KillProcDLL.dll
-
Size
43KB
-
MD5
4a9319a0d4ff15bc373759e21bdd6143
-
SHA1
319ac86ea2e9fce24987c6b0c5077aaee2590f1f
-
SHA256
cc1d7c5cd40a9edf23e0ecd560d0d96127dd5e41b7b6c89b356c2ec87d309d30
-
SHA512
3f3210dbd47cc36dff65e9fbef8dbadfbf4ff956e37e1b4be60336f70e969d4ad37f79d5162cf1050422b89ddb7f88f9343d0db7c99aff114dad4408bb53e8ef
-
SSDEEP
768:uD9UAwOl2z8xfTqdLvZtCsJoiE8Td1pJSa5qvI:uD9M98YzZtCsRxTvH5
Score3/10 -
-
-
Target
$PLUGINSDIR/System.dll
-
Size
11KB
-
MD5
a78507ea1078cadaa8b2ec1a2e1d874f
-
SHA1
77fe20488444ebbaafc5b2c0743251a94edc3b8e
-
SHA256
93d1e681daebfd24ff9fab3952e8ae94eddbdfb3650937988c1fd8085991610e
-
SHA512
0399452c7305f23576d4175ec198ad8da8a530215e9304632b20bcb41a38fa0ba2c1c0b0b734b9f887851c92c7f2cf4cdfad403ace84e63318c0694402e1f270
-
SSDEEP
192:8trS5c+oKreH53n2fUC1lfeTf9OJCzD4/IVqh88GrgU6H:/jrd09O3/IcG8U6H
Score3/10 -
-
-
Target
$PLUGINSDIR/UAC.dll
-
Size
13KB
-
MD5
bcec2a6095d38abc192a68d094c302d0
-
SHA1
9e88c5b957b45524690513b75d81dee259d5d599
-
SHA256
446000200eff4f9c20761ce1680902daba190c81a57154f4917b1741d7800e3c
-
SHA512
b48e85a17904a104eef573358763a0b1215eec96f72f83ff544d2dab22737bc42411ca505adf3f7e95c6f7e7997ad3e408f258093727105b678d5eee8d8e6278
-
SSDEEP
192:mNnXQprEE3vHosEWFt6F5SLdn93YUCzj7qUFVWsSCDLjcOq98sswY:WnXQphvHJFoFe93D2xVWsSCHZq98FwY
Score3/10 -
-
-
Target
ShopAtHomeToolbar/ClearHist.exe
-
Size
52KB
-
MD5
f61af33629d6d08fa6937e2192724244
-
SHA1
d447eedc7f9dcafba762a987a83d89a461d86db4
-
SHA256
402a44bdc002d44be6c90cbb1b94c7a356a7336f2b01d946cd0875c08820c6a5
-
SHA512
bb0ab785bc0bb9be29c07a931d8226dce4908b4d8824d51672c9239a2cbf29b20e0e41e11cefff895a88e380e84a29aa338619a1db4c1bbbd4e633482ed3f06e
-
SSDEEP
768:ol1vhK/3805xxnCjNGSD35ArbhNmkVKJjn2LEDiPNmuIJo6PMYY:AvhKXzxqGI32rtAkI+VISYY
Score7/10 -
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
-
-
Target
ShopAtHomeToolbar/IE8GuardWorkaround.exe
-
Size
106KB
-
MD5
f8015e5404c8f0b325de68dc56acd05d
-
SHA1
0c18d61abcc022bbc32cf45640105f1cd3c79204
-
SHA256
b9370f9f974cb5a58538679dde7e8b44035b713df6f0d8f7ee7cf840a4a3e06f
-
SHA512
42989eb292d77591cc7539c95a1e86fabc336a9455faae0c6724752e9e4f8eb97ce03e7a50c089d57114dfb667a763002152f7bd4b65e4f91e4fff202c139844
-
SSDEEP
1536:gMAZXpGCWLsKflkkAp03y0bWVrgIp65ohg:/bBAp03yqWVkIp6u2
Score3/10 -
-
-
Target
ShopAtHomeToolbar/SAHPlugin.dll
-
Size
98KB
-
MD5
6542c94933480bd2683082821a771218
-
SHA1
4129184120953f938ebb8f31d9338a02f47f6252
-
SHA256
4e698090b67a4459ac0078ef071b256e1fffc1370b5b8d0656d5a12356ebdebc
-
SHA512
f6736ab3455c3ec9adcaacf805db524abd0e9c8fce0a8c05e69572efc0a6a6249f42520e9bac48df35eb1aebd813c3a483d1b379066b7ec25a87292ee55f4155
-
SSDEEP
1536:B1EI9jKXzPZv9HNuQ3ohyZQrp0qYKbSwxdI0BkVOgkjHbWL:1W9QQY8ZQrWeSwdSJkjHU
Score3/10 -
-
-
Target
ShopAtHomeToolbar/ShopAtHomeUninstallA.exe
-
Size
270KB
-
MD5
532f3a046ffdb855dd6bbc275373cb9c
-
SHA1
5c1ae277e0992dc21ea8c004ccec86f2da205f6d
-
SHA256
784e623ceebb437ebb2d8ee292c9f1d43b89c59b7a73bd4e4ddb1df4b1d26cbd
-
SHA512
597d639f086e452549810b984ac5d325ca7972ae02f81293ae1ed68726d5555b20567b643a6d17bbccadaf4be5d759884a352f1724e918a9a1f4c6b1d3a8f576
-
SSDEEP
3072:bZsKZzUbT6oWFCJ/jnRpqPe/Nc36bSgk9tRGJfRr:bZfUXxVLRkPwwh9tIfx
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
-
Drops file in System32 directory
-
-
-
Target
ShopAtHomeToolbar/TbCommonUtils.dll
-
Size
115KB
-
MD5
e42e3ff4dc76338e9a87b9602e055e0c
-
SHA1
7acf12925b4cf1c94115636185c1968332eee389
-
SHA256
3c870a9fcf250d30231e76b5896b3cb71b3084e9e6e703a7f9fb64d074d1a958
-
SHA512
147103a10ba70396241f4254f900eb63dd4c38a76d3e0b2ae440bbd434efa9a07871c4964dc47cbc8a9f94f18f011c47328d2319bc6d4dad37897f01363b7a20
-
SSDEEP
1536:q0x9icpvx2eOt7RMxecZofwYkj9YDNoQCTlnk4E8w0Vi6Ii:h6Ko3XDfwJYDNoQ2lnk4EjIi6D
Score3/10 -
-
-
Target
ShopAtHomeToolbar/TbHelper2.exe
-
Size
197KB
-
MD5
6ca9d05fd40e8318e88897d65b88f534
-
SHA1
5f26fe6ec6e393bc181bc430fa4f2e791f9106d3
-
SHA256
d9f229a593fbb0f9c63d9682ccfa749d66fe5d8eba3b049658728f2da418605d
-
SHA512
2fff75288797a2ff4441b2d90b7ceab8ef73ef90d78d6bdc65a47b0de5101c08d8a242c2240a02e74db9ae3aa4f8f0fcbcadeb6f7a7a475fe6a0a6ba66afe823
-
SSDEEP
3072:5sqoPc+cryKikjBJ6lgfWHzWZw1QDVbBAjLnD5p3E:e3PPcikjBgHzSw1VfDnE
Score3/10 -
-
-
Target
ShopAtHomeToolbar/tbcore3U.dll
-
Size
2.5MB
-
MD5
cb76aa57b1a3c787a06054e2bbea9519
-
SHA1
a2f45f491f44d1a345e640d2a20d8cbfcda4654f
-
SHA256
5410b0ff80287d0cfa4b05ee50cf522f522a5035cd7b8ab8ce8497ccdab01fc0
-
SHA512
533a92a5d5c71ab9b7031451514850ca3986f2a46ebfdfb762873db0c76dab11ad6cafacef7f35294de71a0223361c7440788a36c5adcd576d0a65ea3752869b
-
SSDEEP
24576:ox4UslvsWdOw2WECKAslAVQCEJ2P5QXiXGAZuxF1XfEzaYn4SN2TxyQGZ2gnE4:wJOXTP56iXZUxvXszx4SgTMRYgnJ
-
-
-
Target
ShopAtHomeToolbar/tbhelper.dll
-
Size
290KB
-
MD5
edf0df137f6944a1c2281409617a5956
-
SHA1
775c91430e60c4704ae786371ee8e0b734b5d818
-
SHA256
1932113729bf5918eedc2ba535e48e1691c0a181568930a3c62740158089539f
-
SHA512
fa549216790561359bc5aef72ceff255230887894b383653a7061e1bf0fdc1af12a0b48c9dba784b8bcce0a3a913866b05f33c57db1106897394e20f3c626c98
-
SSDEEP
6144:XGmhFh+/KFajwZqWnOcl74fyE9MnGJi+bnQQVEBl:jjs8asEWnVl74fyE9MnSiQBEBl
Score3/10 -
-
-
Target
ShopAtHomeToolbar/tbs_include_script_externalsearch.js
-
Size
537B
-
MD5
a1d0bdcb9e04da934c1292906e02b41a
-
SHA1
35fe41637b9ca097616b630b8f2f773f0fcc987a
-
SHA256
433e1e3029b10314fba1d626f0cbcaed3a16ad606e8f9ecf75cd0491e720993b
-
SHA512
e5e780d784a222c7db19960817bad64bf2d9b5741af669649aa75afc90440b6a0478ce0e8309a33b26b0e6330c3cdc4093bd25a2eaf74c50483bb12dbc9761c9
Score3/10 -
-
-
Target
ShopAtHomeToolbar/tbs_include_script_showhidetoolbar.js
-
Size
2KB
-
MD5
ea4e2a2ccbab5ec9f855711f5e68c358
-
SHA1
decd8ecdfa9e9db0b6d4f4946a145cfda7ef6ed7
-
SHA256
364fbfbd73835b13b3c709f4bf463d806be64abf740914eb1f993eb61a3890bf
-
SHA512
0952d2165016025f6df8fc80d261a87b33f8dfce597f207a2e2a7f42e77a5154d36e69818d0ddb601fabd4c48ceaf3e1fd7c2b2e77087eb9375ebc67f30c0f53
Score3/10 -
-
-
Target
ShopAtHomeToolbar/uninstall.exe
-
Size
39KB
-
MD5
bd424b8edd4d4869785ed321af241c71
-
SHA1
74135638c58a9f706e896317622f0d71ca4babe0
-
SHA256
ce50618c286c9e42ccbb10b4caf241b0ab0ccb1e37e74f82c91f36fbc33243de
-
SHA512
bd6426da4d644b112d94c3173a511da7759e17b9790845dc6ed7261dccc713a0979c021625753357767b5b58150e8ed6ea24563a29b7b9af28963ab91d4b52a5
-
SSDEEP
768:i+biaD1wS/2huzaqHo7M8OEDkHAnaLcgMNZdRko6PMU:i6iaDSPKo7MK5VN3RVU
Score7/10 -
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-