Resubmissions

  • 28-04-2024 10:26  240428-mgs27adh6t  (score 7)

  • 28-04-2024 10:21  240428-mdtjjsdg6y  (score 7)

General

  • Target

    08daf59a4e1d26485cb64a89f7300eaf9a492145510078e6d9fa0016c1816b6f

  • Size

    5.7MB

  • Sample

    240428-mgs27adh6t

  • MD5

    4e660043e7b682e7e07e512cb1c79681

  • SHA1

    f1cb193f47bf5365340857d7d02a69c70dafd0ad

  • SHA256

    08daf59a4e1d26485cb64a89f7300eaf9a492145510078e6d9fa0016c1816b6f

  • SHA512

    31f03a196a5aca0c8e01c872cd1e1a2f4082d1a588bb9dab04509c079e98fbf175c957647248458f33df63ce662f755a3a5b15ae5057befd32676785791eda69

  • SSDEEP

    49152:3BzVPv94AEsKU8ggw1g+1CART5eBiyKS3EI3wybn20DCYIHvc8ixuZm9+fWsw6dr:3/KUgTH2M2m9UMpu1QfLczqssnKSk

Score
7/10

Targets

  • Deletes itself

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials and other sensitive data.

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Matrix (ATT&CK v13)

Tactic             Technique                     Count  ID
Credential Access  Unsecured Credentials         1      T1552
Credential Access  Credentials In Files          1      T1552.001
Discovery          Query Registry                1      T1012
Discovery          Peripheral Device Discovery   1      T1120
Discovery          System Information Discovery  1      T1082
Collection         Data from Local System        1      T1005
