4302e25b6146e3e0bdf666ae8d3e803ead6b993685a3c4ff3ca98d0b36d7766e | Triage

Submit
Reports

Overview

overview

7

Static

static

JCwZyb0zjyDTDj3.exe

windows7_x64

7

JCwZyb0zjyDTDj3.exe

windows10_x64

3

Sharing

General

Target

JCwZyb0zjyDTDj3.exe
Size

554KB
Sample

200707-hprdc2casn
MD5

fd714befdd56479148dde38f6f788bf1
SHA1

9decbf37221b47dd3aef363b6cb7a388544bcc87
SHA256

4302e25b6146e3e0bdf666ae8d3e803ead6b993685a3c4ff3ca98d0b36d7766e
SHA512

77062a718fedef9daffbd1b294795603e3731a18ce306fe1065c745ced8cca452efc3cd9cefe50fdbae74a4230ca77958212b9f345ace6982afab9135870eb15

Score

7^/10

spyware

Static task

static1

Behavioral task

behavioral1

Sample

JCwZyb0zjyDTDj3.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

JCwZyb0zjyDTDj3.exe

Resource

win10v200430

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  JCwZyb0zjyDTDj3.exe
- Size
  
  554KB
- MD5
  
  fd714befdd56479148dde38f6f788bf1
- SHA1
  
  9decbf37221b47dd3aef363b6cb7a388544bcc87
- SHA256
  
  4302e25b6146e3e0bdf666ae8d3e803ead6b993685a3c4ff3ca98d0b36d7766e
- SHA512
  
  77062a718fedef9daffbd1b294795603e3731a18ce306fe1065c745ced8cca452efc3cd9cefe50fdbae74a4230ca77958212b9f345ace6982afab9135870eb15
Score

7^/10

spyware
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy