4907bed25c3ed8f16d5e658f22fad83ef4d628dedc96d57f657e86e4dd2538f4 | Triage

Submit
Reports

Overview

overview

7

Static

static

sample.exe

windows7_x64

7

sample.exe

windows10_x64

3

Sharing

General

Target

ac7068caed0df4e6427d635b4379a2eacf6ee03ed700b9f6ae74e9fe047381f1.bin.sample.gz
Size

153KB
Sample

201205-zme5lbjc1a
MD5

dd2e3b7aac20903bb8cfe53bc128db1d
SHA1

63bf398bd9a7d46a7ee2a2a60a8c5711bea88d18
SHA256

4907bed25c3ed8f16d5e658f22fad83ef4d628dedc96d57f657e86e4dd2538f4
SHA512

05844f92e9a20ea8d69533faa1c6ca87c4751db1c05568cb317b73a89a7f49a5b92f8a7d647261e9146b9d7f8f61b42c6ad7000ca9fd6f873335e507ecf8169b

Score

7^/10

spyware

Static task

static1

Behavioral task

behavioral1

Sample

sample.exe

Resource

win7v20201028

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

sample.exe

Resource

win10v20201028

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  sample
- Size
  
  153KB
- MD5
  
  972092cbe7791d27fc9ff6e9acc12cc3
- SHA1
  
  5a9482423dd4b9c5ca7251d40420c6487489d8ad
- SHA256
  
  ac7068caed0df4e6427d635b4379a2eacf6ee03ed700b9f6ae74e9fe047381f1
- SHA512
  
  6ecc8e38d49280e3e16a6bcc1664a91b7fffe81162254cbd27bcb2c1093570f9ece1ee4128ba3d642d5cbeff76973cf47dd5003ff1c47358e32b268b497fa4f4
Score

7^/10

spyware
- Deletes itself
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy