General

  • Target

    bulk orders.exe

  • Size

    402KB

  • Sample

    200710-xbh1wp4rys

  • MD5

    bbc3b10b87eb81003f7756ce4a7747bb

  • SHA1

    3c80f55251b8f501a541f974403ab3f8ab6cd1a4

  • SHA256

    319d0b2de48964ad79622ab5177bb6cd05bae9fa537cc8da575498be4b7eda0b

  • SHA512

    53eea0fccf55223c4d1bc94f997fad30c6bac5bdc6a2c11ceeb75a529ac5345e5ddff3a7aac7655502cb01b9592a22a8cac16974ee1b488b59a9d3b7212fa581

Score
7/10

Malware Config

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks