Overview

overview

8

Static

static

8

ie浏览�...40.exe

windows10_x64

7

ie浏览�...40.exe

windows10-2004_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ie浏览器_@1918_640.exe

  • Size

    652KB

  • Sample

    220127-qqjrnadgf9

  • MD5

    5dfc3eefe1c51312d0020910020c4025

  • SHA1

    8e6ab92a5d138b3f997ee0a12bb2438e82236760

  • SHA256

    7cff549b9b283c2124a963526762625ac3a476ced39bab1afb2cf1accd3249d0

  • SHA512

    6be0d92564a380dff41d2960d32e17fe81c0340dbb09a1207a109fa0f584a75e066bbc3a26f5d53f4a62037fd09938a3729d2f595100c7b26bacea38e5e4a6cd

Score
8/10
bootkitpersistencespywarestealerupx

Malware Config

Targets

    • Target

      ie浏览器_@1918_640.exe

    • Size

      652KB

    • MD5

      5dfc3eefe1c51312d0020910020c4025

    • SHA1

      8e6ab92a5d138b3f997ee0a12bb2438e82236760

    • SHA256

      7cff549b9b283c2124a963526762625ac3a476ced39bab1afb2cf1accd3249d0

    • SHA512

      6be0d92564a380dff41d2960d32e17fe81c0340dbb09a1207a109fa0f584a75e066bbc3a26f5d53f4a62037fd09938a3729d2f595100c7b26bacea38e5e4a6cd

    Score
    8/10
    bootkitpersistencespywarestealer

    • Sets service image path in registry

      persistence

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.

      bootkitpersistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks