Overview

overview

10

Static

static

10

affe7475e0...a5.exe

windows7_x64

9

affe7475e0...a5.exe

windows10-2004_x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    affe7475e01b9abab5dda12a4ba90b42be2683b66001a23fe88672295ef85ba5

  • Size

    268KB

  • Sample

    220308-l6p66adde5

  • MD5

    7ed13c49bfb875e407c075b3272d95d0

  • SHA1

    e23fd7cba698ca9662b34170a7b7fb662f637e9b

  • SHA256

    affe7475e01b9abab5dda12a4ba90b42be2683b66001a23fe88672295ef85ba5

  • SHA512

    34868d9bd77eae0c85df4a5deecbff3ee78deac456be7e441964c4af81f3aabbc911611da292f169a28b2b1acfa68b1f760ca6f582bc73e8c6fa396e90efa2b7

Score
10/10
isrstealercollectionspywarestealerupx

Malware Config

Targets

    • Target

      affe7475e01b9abab5dda12a4ba90b42be2683b66001a23fe88672295ef85ba5

    • Size

      268KB

    • MD5

      7ed13c49bfb875e407c075b3272d95d0

    • SHA1

      e23fd7cba698ca9662b34170a7b7fb662f637e9b

    • SHA256

      affe7475e01b9abab5dda12a4ba90b42be2683b66001a23fe88672295ef85ba5

    • SHA512

      34868d9bd77eae0c85df4a5deecbff3ee78deac456be7e441964c4af81f3aabbc911611da292f169a28b2b1acfa68b1f760ca6f582bc73e8c6fa396e90efa2b7

    Score
    9/10
    collectionspywarestealerupx

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • Nirsoft

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook accounts

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks