95035a7201b03830ecb4d63aca8288e276a5cd7236a164d5df7290f7b2123148 | Triage

Submit
Reports

Overview

overview

8

Static

static

MT103-Swift.exe

windows7_x64

8

MT103-Swift.exe

windows10_x64

7

Sharing

General

Target

MT103-Swift.exe
Size

332KB
Sample

200713-l3jjpzthzx
MD5

ff143f71d0e4587e2f48989ef1f0299d
SHA1

7e73614061675f7862de68bc74dbcbafde02f487
SHA256

95035a7201b03830ecb4d63aca8288e276a5cd7236a164d5df7290f7b2123148
SHA512

6d1bc2138730da8d344226841c5dee242889b6acc05c61b30b57518333492968c7019498e1cf1221d524b9e22bb9336ee74cc43779442050bfbeafbc440834bf

Score

8^/10

evasion persistence spyware trojan

Static task

static1

Behavioral task

behavioral1

Sample

MT103-Swift.exe

Resource

win7

persistence spyware evasion trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

MT103-Swift.exe

Resource

win10

persistence spyware

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  MT103-Swift.exe
- Size
  
  332KB
- MD5
  
  ff143f71d0e4587e2f48989ef1f0299d
- SHA1
  
  7e73614061675f7862de68bc74dbcbafde02f487
- SHA256
  
  95035a7201b03830ecb4d63aca8288e276a5cd7236a164d5df7290f7b2123148
- SHA512
  
  6d1bc2138730da8d344226841c5dee242889b6acc05c61b30b57518333492968c7019498e1cf1221d524b9e22bb9336ee74cc43779442050bfbeafbc440834bf
Score

8^/10

persistence spyware evasion trojan
- Adds Run entry to policy start application
  persistence
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Adds Run entry to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- js
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistencespywareevasiontrojan

behavioral2

persistencespyware

© 2018-2024

Terms | Privacy