Overview

overview

10

Static

static

10

2c03aee8f4...07.exe

windows7_x64

7

2c03aee8f4...07.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2c03aee8f49613a3439193c5a8e415d4edd6f16d18142b7ad2ab12ae07c90f07

  • Size

    5.5MB

  • Sample

    220329-zrnaxafcgl

  • MD5

    74d4ddced6459bfe044b89ba51646ccd

  • SHA1

    bd8bed94c6ed3a03f48a4d62ef9011b4ffe9102e

  • SHA256

    2c03aee8f49613a3439193c5a8e415d4edd6f16d18142b7ad2ab12ae07c90f07

  • SHA512

    b1a18d0d2480babfe80d8c20baa195383248763f4745a082580d06e80ab641a4f811d419015c0c3565c6f12192d766a6053a933c527ddfeb019b074994944049

Score
10/10
bazarbackdoorpyinstallerspywarestealer

Malware Config

Targets

    • Target

      2c03aee8f49613a3439193c5a8e415d4edd6f16d18142b7ad2ab12ae07c90f07

    • Size

      5.5MB

    • MD5

      74d4ddced6459bfe044b89ba51646ccd

    • SHA1

      bd8bed94c6ed3a03f48a4d62ef9011b4ffe9102e

    • SHA256

      2c03aee8f49613a3439193c5a8e415d4edd6f16d18142b7ad2ab12ae07c90f07

    • SHA512

      b1a18d0d2480babfe80d8c20baa195383248763f4745a082580d06e80ab641a4f811d419015c0c3565c6f12192d766a6053a933c527ddfeb019b074994944049

    Score
    7/10
    spywarestealer

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Legitimate hosting services abused for malware hosting/C2

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks