2aec5947f09d1e7894dcaa08fc9ee98b5536971cbe543d2e07f4395471ef5c68 | Triage

Submit
Reports

Overview

overview

Static

static

Sample.069...45.exe

windows7_x64

7

Sample.069...45.exe

windows10_x64

7

Sharing

General

Target

Sample.06959.Ref#45.exe
Size

447KB
Sample

200528-s87gqk9w6j
MD5

d20858e0e22dd33020f396abe5a3cdd0
SHA1

3f094f8e32b39b95ca9a1b4e53bb8ff2c6e7e021
SHA256

2aec5947f09d1e7894dcaa08fc9ee98b5536971cbe543d2e07f4395471ef5c68
SHA512

a79543b4dbfbdd51c95083192a2078fe7c24cf645bd7d2546cf809fc808ecc9b88e60eda6e24921c0ad95faa53d41f74737aa6e32b760f2369b15dd5bc1ea8dc

Score

10^/10

spyware

Static task

static1

Behavioral task

behavioral1

Sample

Sample.06959.Ref#45.exe

Resource

win7v200430

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Sample.06959.Ref#45.exe

Resource

win10v200430

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Sample.06959.Ref#45.exe
- Size
  
  447KB
- MD5
  
  d20858e0e22dd33020f396abe5a3cdd0
- SHA1
  
  3f094f8e32b39b95ca9a1b4e53bb8ff2c6e7e021
- SHA256
  
  2aec5947f09d1e7894dcaa08fc9ee98b5536971cbe543d2e07f4395471ef5c68
- SHA512
  
  a79543b4dbfbdd51c95083192a2078fe7c24cf645bd7d2546cf809fc808ecc9b88e60eda6e24921c0ad95faa53d41f74737aa6e32b760f2369b15dd5bc1ea8dc
Score

7^/10

spyware
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy