Overview

overview

10

Static

static

STdCUUIWc6ThD1c.exe

windows7_x64

10

STdCUUIWc6ThD1c.exe

windows10_x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    STdCUUIWc6ThD1c.exe

  • Size

    429KB

  • Sample

    200707-sgfcpwk5re

  • MD5

    372f3141f5bbca51025428b7d5544b2d

  • SHA1

    b26c353e3dfdc4f8423e8df6ec7134f34cd2cee1

  • SHA256

    7aec5714f249052bfb6d9195ee09affa5817bb20fb1096bb49bbc2fb10048e75

  • SHA512

    c2ab6efae09366813608151a3252cf729a70ed117a053ffb9ea3df9f30e256d447dbdd4fc99409d4919ef5d33b5ee38782a148fad89a75c18fa5e85cbe4fdb17

Score
10/10
formbookevasionpersistencespywarestealertrojan

Malware Config

Targets

    • Target

      STdCUUIWc6ThD1c.exe

    • Size

      429KB

    • MD5

      372f3141f5bbca51025428b7d5544b2d

    • SHA1

      b26c353e3dfdc4f8423e8df6ec7134f34cd2cee1

    • SHA256

      7aec5714f249052bfb6d9195ee09affa5817bb20fb1096bb49bbc2fb10048e75

    • SHA512

      c2ab6efae09366813608151a3252cf729a70ed117a053ffb9ea3df9f30e256d447dbdd4fc99409d4919ef5d33b5ee38782a148fad89a75c18fa5e85cbe4fdb17

    Score
    10/10
    persistencespywareevasiontrojanstealerformbook

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Adds Run entry to policy start application

      persistence

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks