Overview

overview

10

Static

static

10

dbe3add97e...73.exe

windows7_x64

7

dbe3add97e...73.exe

windows10_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dbe3add97e97b5059ae3d9d3c27ffd73.exe

  • Size

    225KB

  • Sample

    211019-qws8aaggdm

  • MD5

    dbe3add97e97b5059ae3d9d3c27ffd73

  • SHA1

    bc4ff17e1cd0e1b882d6c4e2cfdb7f8511e3b5a3

  • SHA256

    4cc1651dcb5f9d01e820fff8ee99daaf1d2db24600160d46b77a898fc53dd3e2

  • SHA512

    2a07376b1d4b2ce69de195107b1dae7a7f8c4543d38445afa3598abd01ae64eb4dc030701e50eb89a3e5cfbf9870e175bde3d7aaecdb9f61621438b08f7985f4

Score
10/10
redlinediscoveryspywarestealer

Malware Config

Targets

    • Target

      dbe3add97e97b5059ae3d9d3c27ffd73.exe

    • Size

      225KB

    • MD5

      dbe3add97e97b5059ae3d9d3c27ffd73

    • SHA1

      bc4ff17e1cd0e1b882d6c4e2cfdb7f8511e3b5a3

    • SHA256

      4cc1651dcb5f9d01e820fff8ee99daaf1d2db24600160d46b77a898fc53dd3e2

    • SHA512

      2a07376b1d4b2ce69de195107b1dae7a7f8c4543d38445afa3598abd01ae64eb4dc030701e50eb89a3e5cfbf9870e175bde3d7aaecdb9f61621438b08f7985f4

    Score
    7/10
    discoveryspywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses cryptocurrency files/wallets, possible credential harvesting

      spyware

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

2
T1081

Discovery

Query Registry

1
T1012

Lateral Movement

Collection

Data from Local System

2
T1005

Exfiltration

Command and Control

Impact

Tasks