General

  • Target

    IBAN IMPLEMENTATION.PDF.exe

  • Size

    715KB

  • Sample

    200712-8wwenhxvvj

  • MD5

    30d1189cb067a539d35c24262202c9e1

  • SHA1

    131e08e5925151f68c08464fba3359ea8a04ca1a

  • SHA256

    fdeac1758dae3e3811f020f3d9d44fb984c4397c924c4c8e880f4e41fdf130f7

  • SHA512

    dfd595030472a0243709f85e64b7f3f039dd27c8cf5c706c3c404c9b8f2fcf093d18464436dafd1117eae71b4f82a66f896b0692a18786680b963edc7dc3a747

Score
7/10

Targets

    • Reads user/profile data of local email clients

      Email clients store some user data on disk, where infostealers often target it.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Suspicious use of SetThreadContext
