Overview

overview

10

Static

static

6628819927...NT.exe

windows7_x64

10

6628819927...NT.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6628819927788177272-DEKONT.exe

  • Size

    561KB

  • Sample

    211029-psb9xsdcd9

  • MD5

    ffe72c0b077d5f676be820489ecec81a

  • SHA1

    cde15eab3928df21425863da28c42dd34b708f4e

  • SHA256

    675b0dff6f40d1838f3e386abdb322f9491069f7b57a9fc1dd33fde9805d923b

  • SHA512

    c4e475affe7225e77ef7f14acedd4ff14e37cab7efe792c85a8b60d3943e1662daa5a7bd42a2cb42a5dfe6962be6d512821a9126c791b9761bdef0cdf1fba03c

Score
10/10
a310loggercollectionspywarestealer

Malware Config

Targets

    • Target

      6628819927788177272-DEKONT.exe

    • Size

      561KB

    • MD5

      ffe72c0b077d5f676be820489ecec81a

    • SHA1

      cde15eab3928df21425863da28c42dd34b708f4e

    • SHA256

      675b0dff6f40d1838f3e386abdb322f9491069f7b57a9fc1dd33fde9805d923b

    • SHA512

      c4e475affe7225e77ef7f14acedd4ff14e37cab7efe792c85a8b60d3943e1662daa5a7bd42a2cb42a5dfe6962be6d512821a9126c791b9761bdef0cdf1fba03c

    Score
    10/10
    a310loggercollectionspywarestealer

    • A310logger

      A310 Logger is a .NET stealer/logger targeting passwords from browsers and email clients.

      stealerspywarea310logger

    • A310logger Executable

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads local data of messenger clients

      Infostealers often target stored data of messaging applications, which can include saved credentials and account information.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks