6e42f1d40f5b6081f5fcf108855ea6d41ff66f2d2f29a0116d8bef13511a2d0c | Triage

Submit
Reports

Overview

overview

8

Static

static

mixazed_20...31.exe

windows7_x64

8

mixazed_20...31.exe

windows10_x64

8

Sharing

General

Target

mixazed_20210727-132631
Size

587KB
Sample

210727-gkpbc9mn9s
MD5

245892804c29606229b19495b5821203
SHA1

9cba70fd93c62a836473acec047a5e564eb20279
SHA256

6e42f1d40f5b6081f5fcf108855ea6d41ff66f2d2f29a0116d8bef13511a2d0c
SHA512

382d29e1031c1681bc68198bad432698daea1bc46a43a599f19c43bbbb42566c3109b74f4fc4b234ff82d8ecf856ef4907d3dca40f53357f827d475b7d79b8b8

Score

8^/10

discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

mixazed_20210727-132631.exe

Resource

win7v20210408

discovery spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

mixazed_20210727-132631.exe

Resource

win10v20210410

discovery spyware stealer

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  mixazed_20210727-132631
- Size
  
  587KB
- MD5
  
  245892804c29606229b19495b5821203
- SHA1
  
  9cba70fd93c62a836473acec047a5e564eb20279
- SHA256
  
  6e42f1d40f5b6081f5fcf108855ea6d41ff66f2d2f29a0116d8bef13511a2d0c
- SHA512
  
  382d29e1031c1681bc68198bad432698daea1bc46a43a599f19c43bbbb42566c3109b74f4fc4b234ff82d8ecf856ef4907d3dca40f53357f827d475b7d79b8b8
Score

8^/10

discovery spyware stealer
- Downloads MZ/PE file
- Deletes itself
- Loads dropped DLL
- Reads user/profile data of local email clients
  Email clients store some user data on disk where infostealers will often target it.
  spyware stealer
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

behavioral2

discoveryspywarestealer

© 2018-2024

Terms | Privacy