Overview

overview

7

Static

static

purchase order.exe

windows7_x64

7

purchase order.exe

windows10_x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    purchase order.exe

  • Size

    388KB

  • Sample

    200709-cjfdcw11hs

  • MD5

    6e79b18d66d13b737710c054dda0ee91

  • SHA1

    45e21f6dd77a784f7cb7e28725d3641bc67e9df5

  • SHA256

    629a721f44640c6286b99cb22280a6bd499366f3b867d189328a6b4794116fb2

  • SHA512

    fbb176c60c658bce931ed4b129709401b34af22914d6e36202de061fa62fc886f7cddbceb77dd9100a57edeac27c4229f11282cdba6798c57a9558c7de5a5838

Score
7/10
spyware

Malware Config

Targets

    • Target

      purchase order.exe

    • Size

      388KB

    • MD5

      6e79b18d66d13b737710c054dda0ee91

    • SHA1

      45e21f6dd77a784f7cb7e28725d3641bc67e9df5

    • SHA256

      629a721f44640c6286b99cb22280a6bd499366f3b867d189328a6b4794116fb2

    • SHA512

      fbb176c60c658bce931ed4b129709401b34af22914d6e36202de061fa62fc886f7cddbceb77dd9100a57edeac27c4229f11282cdba6798c57a9558c7de5a5838

    Score
    7/10
    spyware

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spyware

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

      spyware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks