General

  • Target

    palata.exe

  • Size

    4.4MB

  • Sample

    210114-pv2rte9qen

  • MD5

    812bbffb66a539c9877cbd6802b37ac6

  • SHA1

    812efac17807890ec2664bbe33a035fc6e73f9ca

  • SHA256

    94122aa4df273a94c2f6970bf9593f72090d9ddee16821d24d56299a3ed0af86

  • SHA512

    521a2547b633e78253b1f250e84f4adbea4dcfe469d8e0ae981d138bdff2fa6af4ae7ecef8e5addeb9dd0574138c303bebb579d2065f71b3e6225fe29afbf88a

Score
8/10

Targets

    • Target

      palata.exe

    • Blocklisted process makes network request

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Drops desktop.ini file(s)
