Overview

overview

7

Static

static

sample.exe

windows7_x64

7

sample.exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    44158adc2ca27c732b0f715d30a46a8142264b8d0aac3ed9080e2fc6566029a8.bin.sample.gz

  • Size

    146KB

  • Sample

    201205-dfdh3dngen

  • MD5

    a0ecf0beb9833aaa755772206870f149

  • SHA1

    a85fccd2a3679c4351589809aa78c163d3a9e42b

  • SHA256

    3eee08c5a5bb8d69f89f4c1da908c3a7c51e3c8513552af230fc5d3aeb02933c

  • SHA512

    1af82c643904826c7338c6b011ac1d22a356c103fea0a35abb232785178a3e76fe0f1bf758d21db6000ec58dc080fa9b09e051b8916ceabc2d05024e1b1a64ee

Score
7/10
spyware

Malware Config

Targets

    • Target

      sample

    • Size

      146KB

    • MD5

      83a98a605845b4e09c32b37cfa188d52

    • SHA1

      d8b347c539598a34b69f653bce4ad4689454cde8

    • SHA256

      44158adc2ca27c732b0f715d30a46a8142264b8d0aac3ed9080e2fc6566029a8

    • SHA512

      fbd0737475f974c8a8aef15e5e5efb1654d16ed50c8cc4af687878b952e692ce4c4373074ce2097c366f50d3fbebbd8dd335877d3053e7580ee14799218606e8

    Score
    7/10
    spyware

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks