Resubmissions

19-01-2022 16:34

220119-t3aw3abfa3 (score 10)

25-11-2021 12:35

211125-pshrpsaed9 (score 8)

General

  • Target

    fe828cf68e77f09d903d17e4318e585ca5753b5cc1a8e7fdb081244ee6e29464

  • Size

    8.7MB

  • Sample

    211125-pshrpsaed9

  • MD5

    29d557e552e133898f5387443792f285

  • SHA1

    c33c1d1dbe9b838d916b938741f1ebe9f624293f

  • SHA256

    fe828cf68e77f09d903d17e4318e585ca5753b5cc1a8e7fdb081244ee6e29464

  • SHA512

    ac716245cb2ee2032e6789d1c69ada966603770d1ab950b43d7df61e55ac30a36f27885ec96a53e88f67a84c6c92a9228d57834cf3f36a910af6067b95c7b02b

Malware Config

Targets

    • Target

      fe828cf68e77f09d903d17e4318e585ca5753b5cc1a8e7fdb081244ee6e29464

    • Size

      8.7MB

    • MD5

      29d557e552e133898f5387443792f285

    • SHA1

      c33c1d1dbe9b838d916b938741f1ebe9f624293f

    • SHA256

      fe828cf68e77f09d903d17e4318e585ca5753b5cc1a8e7fdb081244ee6e29464

    • SHA512

      ac716245cb2ee2032e6789d1c69ada966603770d1ab950b43d7df61e55ac30a36f27885ec96a53e88f67a84c6c92a9228d57834cf3f36a910af6067b95c7b02b

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, session cookies and form-autofill data.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory
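
What the two discovery signatures above ("Checks installed software on the system" and "Enumerates connected drives") are actually matching on, shown as an added PowerShell example. This is editorial illustration, not code from the report or recovered from the sample; the registry paths are the standard Windows Uninstall locations, and the function names are my own.

```powershell
# Added example (not from the report or the sample): reproduces the two
# discovery behaviours flagged by the sandbox so their footprint is clear.

# 1. "Checks installed software": walk the Uninstall subkeys. Installers
#    register under the native path, under WOW6432Node (32-bit software on
#    64-bit Windows) and, for per-user installs, under HKCU.
$uninstallPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
)

function Get-InstalledSoftwareFromUninstallKeys {
    foreach ($path in $uninstallPaths) {
        if (-not (Test-Path $path)) { continue }
        Get-ChildItem -Path $path | ForEach-Object {
            # Each subkey is one product; DisplayName/DisplayVersion are the
            # values a stealer reads to fingerprint the host.
            $props = Get-ItemProperty -Path $_.PSPath
            if ($props.DisplayName) {
                [pscustomobject]@{
                    Name    = $props.DisplayName
                    Version = $props.DisplayVersion
                    Hive    = $path
                }
            }
        }
    }
}

# 2. "Enumerates connected drives": read the root directory of every local
#    disk other than C: (the signature text names C: explicitly, so it is
#    hard-coded here rather than taken from $env:SystemDrive).
#    Win32_LogicalDisk DriveType 3 is "local disk".
function Get-NonSystemDriveRoots {
    Get-CimInstance -ClassName Win32_LogicalDisk -Filter 'DriveType = 3' |
        Where-Object { $_.DeviceID -ne 'C:' } |
        ForEach-Object {
            $root = $_.DeviceID + '\'
            # The read of the root listing is the event the sandbox sees.
            $entries = @(Get-ChildItem -Path $root -Force -ErrorAction SilentlyContinue)
            [pscustomobject]@{
                Drive   = $_.DeviceID
                Entries = $entries.Count
            }
        }
}

Get-InstalledSoftwareFromUninstallKeys | Sort-Object Name | Format-Table -AutoSize
Get-NonSystemDriveRoots | Format-Table -AutoSize
```

Neither behaviour modifies the system, which is why these show up as sandbox signatures rather than as endpoint alerts: Sysmon logs registry key creation, value writes and renames but not reads, so catching the Uninstall-key walk on a live host needs Windows object-access auditing with a SACL on that key (event 4663), and the drive-root read is indistinguishable from ordinary file browsing without process context.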

MITRE ATT&CK Enterprise v6

Tasks