Overview

overview

10

Static

static

Honeygain_...1).exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Honeygain_install (1).exe

  • Size

    13.7MB

  • Sample

    220415-kj39tsggb5

  • MD5

    6d2fb27e84276095fd2beb3d9f741d79

  • SHA1

    b1dd139c731e3c633441a2f964bb85cc6bf72767

  • SHA256

    7660ad82024cfb2faa8b7bea2cdd85509c1b665dcdd40ec0b7cd6c508bb6c4a1

  • SHA512

    a77f9450975fb81cdb81b9a1729114b79b214526193f96da8a89c9cca6170e085498f191f63432420befb9e4ff03cd684d4d10e5300febe365787052b5a4f937

Score
10/10
metastealerpersistencestealer

Malware Config

Targets

    • Target

      Honeygain_install (1).exe

    • Size

      13.7MB

    • MD5

      6d2fb27e84276095fd2beb3d9f741d79

    • SHA1

      b1dd139c731e3c633441a2f964bb85cc6bf72767

    • SHA256

      7660ad82024cfb2faa8b7bea2cdd85509c1b665dcdd40ec0b7cd6c508bb6c4a1

    • SHA512

      a77f9450975fb81cdb81b9a1729114b79b214526193f96da8a89c9cca6170e085498f191f63432420befb9e4ff03cd684d4d10e5300febe365787052b5a4f937

    Score
    10/10
    metastealerpersistencestealer

    • Meta Stealer Stealer

      Meta Stealer steals passwords stored in browsers, written in C++.

      stealermetastealer

    • Blocklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks