Overview

overview

10

Static

static

10

b1538d2326...c2.exe

windows7_x64

9

b1538d2326...c2.exe

windows10-2004_x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b1538d2326d73b719a625d48ce01e41de1250e08fe5e688981ebbaccfc77f1c2

  • Size

    264KB

  • Sample

    220308-l2jtksdch3

  • MD5

    8800d2162761f862d8389dad31079ad5

  • SHA1

    b9571acc5fda35fbf179f4f2d206b66742f6ee16

  • SHA256

    b1538d2326d73b719a625d48ce01e41de1250e08fe5e688981ebbaccfc77f1c2

  • SHA512

    05782867de40a9f1c2321d1aedf8259b038fe967532475f082d5c90465a771a9416cbba35fb56cda0a068e6b0e9a01d6fe2c59cf408bb34bd3878cad94b1d9cd

Score
10/10
isrstealercollectionspywarestealerupx

Malware Config

Targets

    • Target

      b1538d2326d73b719a625d48ce01e41de1250e08fe5e688981ebbaccfc77f1c2

    • Size

      264KB

    • MD5

      8800d2162761f862d8389dad31079ad5

    • SHA1

      b9571acc5fda35fbf179f4f2d206b66742f6ee16

    • SHA256

      b1538d2326d73b719a625d48ce01e41de1250e08fe5e688981ebbaccfc77f1c2

    • SHA512

      05782867de40a9f1c2321d1aedf8259b038fe967532475f082d5c90465a771a9416cbba35fb56cda0a068e6b0e9a01d6fe2c59cf408bb34bd3878cad94b1d9cd

    Score
    9/10
    collectionspywarestealerupx

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook accounts

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks