76ad0023a869282021ad7988176abe886a54dab17e4cb55ec8bba51399fdb544 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

76ad0023a8...44.dll

windows7-x64

9

76ad0023a8...44.dll

windows10-2004-x64

9

Sharing

General

Target

76ad0023a869282021ad7988176abe886a54dab17e4cb55ec8bba51399fdb544
Size

1.7MB
Sample

240628-241g4svbrc
MD5

c25475665b846605a5defbf6d1d77373
SHA1

1b31aeb9136dd8f5d795f9fea33822c53f4ec0e0
SHA256

76ad0023a869282021ad7988176abe886a54dab17e4cb55ec8bba51399fdb544
SHA512

7d25ec3c1827decc176e0d09da6dda4f7fb19d2944d4a51bc491fb60c945397b9001c442e715bd1922e3ce73b658fb2cfbc5bbddb162e86bd84878ec48b0533c
SSDEEP

49152:r0Vf3Q60NQ2ByAzvdYPxus6cF47ukj7URLHkJigQU/CIabjKoh9WINi:6Q6+Q2ByAzvdYPAxebDbrFIabjKoh9WH

Score

9^/10

adware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

76ad0023a869282021ad7988176abe886a54dab17e4cb55ec8bba51399fdb544.dll

Resource

win7-20240221-en

adware stealer upx

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

76ad0023a869282021ad7988176abe886a54dab17e4cb55ec8bba51399fdb544.dll

Resource

win10v2004-20240508-en

adware stealer upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  76ad0023a869282021ad7988176abe886a54dab17e4cb55ec8bba51399fdb544
- Size
  
  1.7MB
- MD5
  
  c25475665b846605a5defbf6d1d77373
- SHA1
  
  1b31aeb9136dd8f5d795f9fea33822c53f4ec0e0
- SHA256
  
  76ad0023a869282021ad7988176abe886a54dab17e4cb55ec8bba51399fdb544
- SHA512
  
  7d25ec3c1827decc176e0d09da6dda4f7fb19d2944d4a51bc491fb60c945397b9001c442e715bd1922e3ce73b658fb2cfbc5bbddb162e86bd84878ec48b0533c
- SSDEEP
  
  49152:r0Vf3Q60NQ2ByAzvdYPxus6cF47ukj7URLHkJigQU/CIabjKoh9WINi:6Q6+Q2ByAzvdYPAxebDbrFIabjKoh9WH
Score

9^/10

adware stealer upx
- UPX dump on OEP (original entry point)
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Installs/modifies Browser Helper Object
  BHOs are DLL modules which act as plugins for Internet Explorer.
  stealer adware
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Browser Extensions

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

adwarestealerupx

behavioral2

adwarestealerupx

© 2018-2024

Terms | Privacy