Overview

overview

7

Static

static

SKMT_09072020_PDF.exe

windows7_x64

7

SKMT_09072020_PDF.exe

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SKMT_09072020_PDF.exe

  • Size

    539KB

  • Sample

    200709-m9z8fn8rzj

  • MD5

    36eb80897ad85742010328a1bd0a620d

  • SHA1

    a33698f8c02e20810eab820776acd23e1fda9b87

  • SHA256

    3763c0bde1d8eb2943f3fbf10ce25d2360f1200993f28b3951522f9f455f8970

  • SHA512

    0d215cfed4b49479627030da09f8bf76cf5dd64751860a4ef7821cd70095255d52e02149c6fc457dd7ba1de5b453172dbf824873e146301f64aec78c50792b3e

Score
7/10
spyware

Malware Config

Targets

    • Target

      SKMT_09072020_PDF.exe

    • Size

      539KB

    • MD5

      36eb80897ad85742010328a1bd0a620d

    • SHA1

      a33698f8c02e20810eab820776acd23e1fda9b87

    • SHA256

      3763c0bde1d8eb2943f3fbf10ce25d2360f1200993f28b3951522f9f455f8970

    • SHA512

      0d215cfed4b49479627030da09f8bf76cf5dd64751860a4ef7821cd70095255d52e02149c6fc457dd7ba1de5b453172dbf824873e146301f64aec78c50792b3e

    Score
    7/10
    spyware

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spyware

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

      spyware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks