Overview

overview

7

Static

static

Document N... 1.exe

windows7_x64

7

Document N... 1.exe

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Document No. UESSCM002 rev 1.exe

  • Size

    445KB

  • Sample

    200707-8ce9rl6ftx

  • MD5

    3fd46db10135a70741edc889e108d710

  • SHA1

    43b709e44753dff7a07a38b82b81d768df72f616

  • SHA256

    5a78ea393c92a5df31b0d53bae37907d768e419446c6bc6f2140359bf00598bd

  • SHA512

    b92fb695390b12efec620bf213040193699444e03199f9a5f09f1ecc375ffceed52711becbd80824278f040ff1f76271282d1f08bfbaaa847e8812bbd25fe0f0

Score
7/10
spyware

Malware Config

Targets

    • Target

      Document No. UESSCM002 rev 1.exe

    • Size

      445KB

    • MD5

      3fd46db10135a70741edc889e108d710

    • SHA1

      43b709e44753dff7a07a38b82b81d768df72f616

    • SHA256

      5a78ea393c92a5df31b0d53bae37907d768e419446c6bc6f2140359bf00598bd

    • SHA512

      b92fb695390b12efec620bf213040193699444e03199f9a5f09f1ecc375ffceed52711becbd80824278f040ff1f76271282d1f08bfbaaa847e8812bbd25fe0f0

    Score
    7/10
    spyware

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spyware

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

      spyware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks