Overview

overview

7

Static

static

3

xpajB.exe

windows7-x64

7

xpajB.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    xpajB.exe

  • Size

    520KB

  • Sample

    240428-twc3vabh5y

  • MD5

    bd76fc01deed43cd6e368a1f860d44ed

  • SHA1

    a2e241e9af346714e93c0600f160d05c95839768

  • SHA256

    e04c85cd4bffa1f5465ff62c9baf0b29b7b2faddf7362789013fbac8c90268bf

  • SHA512

    d0ebe108f5baf156ecd9e1bf41e23a76b043fcaac78ff5761fdca2740b71241bd827e861ada957891fbc426b3d7baa87d10724765c45e25f25aa7bd6d31ab4ec

  • SSDEEP

    12288:Kbx6vZrcRsEQNMnnGpL0zTnPzCFjBL0C2k8apE:Kbx6vam9innGWzUB

Score
7/10
spywarestealer

Malware Config

Targets

    • Target

      xpajB.exe

    • Size

      520KB

    • MD5

      bd76fc01deed43cd6e368a1f860d44ed

    • SHA1

      a2e241e9af346714e93c0600f160d05c95839768

    • SHA256

      e04c85cd4bffa1f5465ff62c9baf0b29b7b2faddf7362789013fbac8c90268bf

    • SHA512

      d0ebe108f5baf156ecd9e1bf41e23a76b043fcaac78ff5761fdca2740b71241bd827e861ada957891fbc426b3d7baa87d10724765c45e25f25aa7bd6d31ab4ec

    • SSDEEP

      12288:Kbx6vZrcRsEQNMnnGpL0zTnPzCFjBL0C2k8apE:Kbx6vam9innGWzUB

    Score
    7/10
    spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Unsecured Credentials

1
T1552

Credentials In Files

1
T1552.001

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks