Overview

overview

7

Static

static

6

Filmora9.exe

windows7_x64

7

Filmora9.exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Filmora9.rar

  • Size

    3.9MB

  • Sample

    210112-zqat87g2bs

  • MD5

    5b1816005adaa5eb297a2fd4a4a6eee2

  • SHA1

    048fcc8d6a7041815357403f1b4cf8b166317654

  • SHA256

    e6d61d4bdc0ea4407271fb25972d045073d5bbd3729fc31390ad3ece2c648b14

  • SHA512

    0536abc887216bda5fdfeaba22e468f7d271b2c0a188745b86044df3b2c89e65c35c062d544e48847be4f6c71e96ee844b876ec9ceafacfa97e9bbb30f405f36

Score
7/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      Filmora9.exe

    • Size

      750.4MB

    • MD5

      bea9a069887845ffa2db931d401b5fb0

    • SHA1

      78a3e909749d816c6996caa3bba1ed71714d20d3

    • SHA256

      0384cdd9a194aef83de6cb5ab31157ff5b8d4293642539d93d5b4c4c3a96d7a5

    • SHA512

      dcc70eee65c6af4fe0fe6ab34c1af2790470c4d7d3048a6b48e50ba06033d42d15bbb97528ab5947b8ff293b852e372c387915dc63e1178e389563a6f56f2ff0

    Score
    7/10
    discoveryspywarestealer

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spyware

    • Accesses 2FA software files, possible credential harvesting

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

2
T1081

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Tasks