Overview

overview

7

Static

static

Dhl Delive......exe

windows7_x64

7

Dhl Delive......exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Dhl Delivery Note-AWD 20....exe

  • Size

    844KB

  • Sample

    200717-tqb46vwxls

  • MD5

    4edfea7124a45b9e92dcefd45058b482

  • SHA1

    fb4b8a24c75f3c05d22131ead74cd96c2142c350

  • SHA256

    faf1dca0b043816dc1a448c778e8fc03030add15983e04a7cc39851297615c4f

  • SHA512

    c3a8534c67845104d1008827679f5189aeb67bc44ff21f39117227b145555f92c292dba617c46e474c458b924d302c1dbfe77bf565c82da3ff26a53113e6b230

Score
7/10
persistencespyware

Malware Config

Targets

    • Target

      Dhl Delivery Note-AWD 20....exe

    • Size

      844KB

    • MD5

      4edfea7124a45b9e92dcefd45058b482

    • SHA1

      fb4b8a24c75f3c05d22131ead74cd96c2142c350

    • SHA256

      faf1dca0b043816dc1a448c778e8fc03030add15983e04a7cc39851297615c4f

    • SHA512

      c3a8534c67845104d1008827679f5189aeb67bc44ff21f39117227b145555f92c292dba617c46e474c458b924d302c1dbfe77bf565c82da3ff26a53113e6b230

    Score
    7/10
    persistencespyware

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks