Overview

overview

8

Static

static

13db34cab4...75.exe

windows7_x64

8

13db34cab4...75.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    13db34cab435d9858269c5e823f4b575.exe

  • Size

    1.2MB

  • Sample

    210408-5qqwk1hre2

  • MD5

    13db34cab435d9858269c5e823f4b575

  • SHA1

    c6e9c301d3cfaf6671490c47c1ed4eb59f343f21

  • SHA256

    63ca5cde7141ae503639f3022f4dc4a244e8b19bf320d55a9567789aa632d036

  • SHA512

    dfd36c39b35cf1aed2b76e38d4a08c41792611cf886d337d129a19c963878cc53fb7a0d71e078d2d38e61d8341a938869686f62673f080a7182020cd08c2c6a8

Score
8/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      13db34cab435d9858269c5e823f4b575.exe

    • Size

      1.2MB

    • MD5

      13db34cab435d9858269c5e823f4b575

    • SHA1

      c6e9c301d3cfaf6671490c47c1ed4eb59f343f21

    • SHA256

      63ca5cde7141ae503639f3022f4dc4a244e8b19bf320d55a9567789aa632d036

    • SHA512

      dfd36c39b35cf1aed2b76e38d4a08c41792611cf886d337d129a19c963878cc53fb7a0d71e078d2d38e61d8341a938869686f62673f080a7182020cd08c2c6a8

    Score
    8/10
    discoveryspywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks