General

  • Target: invoices.exe
  • Size: 512KB
  • Sample: 200729-34p7hfeq7s
  • MD5: 971c8fc0f91b2bc048b239e464a8c8cb
  • SHA1: 60719e8039dfd5705a1ecaf94f9aaf5d0c590785
  • SHA256: d8c72023bdedf6714432a1263bcf0348278b580ae0099b3d3b0403862c081ac2
  • SHA512: 5a214b8e586dd4cf75e029c0f08ada08486dced06642391153ad6be0538fd2240625fa8c04f6b04c527f6c9bd8f182f937d7d9187e635ccd9c1951405d683a46

Score: 7/10

Malware Config

Targets

    • invoices.exe (512KB, score 7/10; hashes as listed under General above)
    • Reads user/profile data of local email clients
      Email clients store some user data on disk, where infostealers will often target it.
    • Reads user/profile data of web browsers
      Infostealers often target stored browser data, which can include saved credentials and other sensitive data.
    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks