Overview

overview

10

Static

static

10

Networking

windows7_x64

7

Resubmissions

10-01-2021 16:22

210110-7zg63hrjhn 10

10-01-2021 15:59

210110-la7w6yh1qj 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a857ee760eec20b221de8a66b16f6eff21f33efda6588e1d2fee0c4a619668c3.bin

  • Size

    513KB

  • Sample

    210110-7zg63hrjhn

  • MD5

    f1fa750dc2ee4dcde499bd9070df5c98

  • SHA1

    def2ad0450ca3b38721de5222e0ab64657f3eb98

  • SHA256

    a857ee760eec20b221de8a66b16f6eff21f33efda6588e1d2fee0c4a619668c3

  • SHA512

    0fc113d1becad5b652131297d4bb500e909f11d66204cf75690dde72dd0f7e809925cebe43a2540a21a889dbd5e9f0f58c2be26193d9943849c0ad89d7ecc0a3

Score
10/10
massloggerspyware

Malware Config

Targets

    • Target

      a857ee760eec20b221de8a66b16f6eff21f33efda6588e1d2fee0c4a619668c3.bin

    • Size

      513KB

    • MD5

      f1fa750dc2ee4dcde499bd9070df5c98

    • SHA1

      def2ad0450ca3b38721de5222e0ab64657f3eb98

    • SHA256

      a857ee760eec20b221de8a66b16f6eff21f33efda6588e1d2fee0c4a619668c3

    • SHA512

      0fc113d1becad5b652131297d4bb500e909f11d66204cf75690dde72dd0f7e809925cebe43a2540a21a889dbd5e9f0f58c2be26193d9943849c0ad89d7ecc0a3

    Score
    7/10
    spyware

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks