0a1ea5086dfc05e6f1213073ccae15262a21892afc8c805adc94c13c6e2a8376 | Triage

Submit
Reports

Overview

overview

Static

static

0a1ea5086d...76.exe

windows7_x64

0a1ea5086d...76.exe

windows10_x64

Sharing

General

Target

0a1ea5086dfc05e6f1213073ccae15262a21892afc8c805adc94c13c6e2a8376
Size

2.1MB
Sample

210513-reyw7wkdgn
MD5

aa944fef8beb51f51561171cfc71ec1a
SHA1

5dfcc60c03203e1737f26798dfc92bd9e86ef6d3
SHA256

0a1ea5086dfc05e6f1213073ccae15262a21892afc8c805adc94c13c6e2a8376
SHA512

cbbb6d16008e9fb92807a3c1d7faa4a3668b9976896ee0c42e65f2f7274999b1a4353cf1c542783e3b9760c04bce90a35e68bf3b27ac447255693b0e901b94f0

Score

10^/10

persistence spyware stealer upx

Static task

static1

Behavioral task

behavioral1

Sample

0a1ea5086dfc05e6f1213073ccae15262a21892afc8c805adc94c13c6e2a8376.exe

Resource

win7v20210410

persistence spyware stealer upx

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0a1ea5086dfc05e6f1213073ccae15262a21892afc8c805adc94c13c6e2a8376.exe

Resource

win10v20210410

persistence spyware stealer upx

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0a1ea5086dfc05e6f1213073ccae15262a21892afc8c805adc94c13c6e2a8376
- Size
  
  2.1MB
- MD5
  
  aa944fef8beb51f51561171cfc71ec1a
- SHA1
  
  5dfcc60c03203e1737f26798dfc92bd9e86ef6d3
- SHA256
  
  0a1ea5086dfc05e6f1213073ccae15262a21892afc8c805adc94c13c6e2a8376
- SHA512
  
  cbbb6d16008e9fb92807a3c1d7faa4a3668b9976896ee0c42e65f2f7274999b1a4353cf1c542783e3b9760c04bce90a35e68bf3b27ac447255693b0e901b94f0
Score

10^/10

persistence spyware stealer upx
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencespywarestealerupx

behavioral2

persistencespywarestealerupx

© 2018-2024

Terms | Privacy