Overview

overview

10

Static

static

go.exe

windows7_x64

7

go.exe

windows10_x64

10

Resubmissions

11/05/2020, 15:26

200511-xt1564wyhj 10

05/05/2020, 23:59

200505-rl298pza1a 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    go.exe

  • Size

    2.5MB

  • Sample

    200505-rl298pza1a

  • MD5

    f7508239b937b2427649be8f77718f60

  • SHA1

    ae85ece228d81f1b4cc8203bab4a8a2e45c2dc05

  • SHA256

    fa7465ff52d0725c0ce446ca4f1686a3912c5117e7e37d87c5c4c013ec629599

  • SHA512

    005a8cb1408d1049cf7926309bc7bf17689588b8804defd99dbfced6c36795faab4559320dc71d59f5259c7858bdb032d88c83c56f6cde2e9d9f0d28f8f1a66f

Score
10/10
spyware

Malware Config

Targets

    • Target

      go.exe

    • Size

      2.5MB

    • MD5

      f7508239b937b2427649be8f77718f60

    • SHA1

      ae85ece228d81f1b4cc8203bab4a8a2e45c2dc05

    • SHA256

      fa7465ff52d0725c0ce446ca4f1686a3912c5117e7e37d87c5c4c013ec629599

    • SHA512

      005a8cb1408d1049cf7926309bc7bf17689588b8804defd99dbfced6c36795faab4559320dc71d59f5259c7858bdb032d88c83c56f6cde2e9d9f0d28f8f1a66f

    Score
    10/10
    spyware

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Program crash

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks