Overview

overview

7

Static

static

Facturas.exe

windows7_x64

7

Facturas.exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Facturas.exe

  • Size

    909KB

  • Sample

    200713-mqnpm55c3a

  • MD5

    d75a4be4b55e4b2359298cde65d5fa9e

  • SHA1

    4dd995bf2183bc545d422f67abd6f3666bb14e1e

  • SHA256

    bbbfb4d66a6d1ff1fb9f476cc8607a2a0b1a0bb27bdaba095a3715489d8e4315

  • SHA512

    b56490322992d50d188f1b34c3c6971df8893d7b2c5c3db428018ffbe3ae93f00f9b2338710eb6a7c98b63731316063346ea8a743bcc4033274f448dc60559b5

Score
7/10
evasionpersistencespywaretrojan

Malware Config

Targets

    • Target

      Facturas.exe

    • Size

      909KB

    • MD5

      d75a4be4b55e4b2359298cde65d5fa9e

    • SHA1

      4dd995bf2183bc545d422f67abd6f3666bb14e1e

    • SHA256

      bbbfb4d66a6d1ff1fb9f476cc8607a2a0b1a0bb27bdaba095a3715489d8e4315

    • SHA512

      b56490322992d50d188f1b34c3c6971df8893d7b2c5c3db428018ffbe3ae93f00f9b2338710eb6a7c98b63731316063346ea8a743bcc4033274f448dc60559b5

    Score
    7/10
    spywareevasiontrojanpersistence

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Adds Run entry to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • js

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks