Overview

overview

7

Static

static

5

280aeae432...68.exe

windows7_x64

7

280aeae432...68.exe

windows10-2004_x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    280aeae432031afd88c1e72db036aebb6aee5d466bd6b9a69b5f82f41b302768

  • Size

    1.4MB

  • Sample

    220521-mnv55afcan

  • MD5

    86f075418b4a2548a7d74ea35e2e237e

  • SHA1

    0a1d40d105164a3a95d398c6ebdbaf701feabc09

  • SHA256

    280aeae432031afd88c1e72db036aebb6aee5d466bd6b9a69b5f82f41b302768

  • SHA512

    48d721bc13b3d1424e5082ab5e25b8dd27c5a7cebcb6b8b32acc58428d243410050b66af98adb067a3c5c996681ae1377017a26c77d22b516b33343737dd980e

Score
7/10
collectionspywarestealer

Malware Config

Targets

    • Target

      280aeae432031afd88c1e72db036aebb6aee5d466bd6b9a69b5f82f41b302768

    • Size

      1.4MB

    • MD5

      86f075418b4a2548a7d74ea35e2e237e

    • SHA1

      0a1d40d105164a3a95d398c6ebdbaf701feabc09

    • SHA256

      280aeae432031afd88c1e72db036aebb6aee5d466bd6b9a69b5f82f41b302768

    • SHA512

      48d721bc13b3d1424e5082ab5e25b8dd27c5a7cebcb6b8b32acc58428d243410050b66af98adb067a3c5c996681ae1377017a26c77d22b516b33343737dd980e

    Score
    7/10
    collectionspywarestealer

    • Reads user/profile data of local email clients

      Email clients store some user data on disk where infostealers will often target it.

      spywarestealer

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

2
T1081

Discovery

Lateral Movement

Collection

Data from Local System

2
T1005

Email Collection

1
T1114

Exfiltration

Command and Control

Impact

Tasks