General

  • Target

    5b6e351b4b59e8610f11768159151fe3f6f95cb457295a2f4914443b915fc21b

  • Size

    783KB

  • Sample

    221001-3j21wadcfl

  • MD5

    6f30619bb076002a7f436962ff01e0f0

  • SHA1

    1ea31fee95acd27ab1dcf1af5bc3a916f65a5c36

  • SHA256

    5b6e351b4b59e8610f11768159151fe3f6f95cb457295a2f4914443b915fc21b

  • SHA512

    3d68d75169a7727c3ed98a4fe0ad7e2dfdc933e34bb8ac3d7cbf607c341ba5510a7220d3a4aeca31189b9b88a51206dda928171dcc88cadb59c6b67d7d67f00d

  • SSDEEP

    24576:oJiYUYi1iXJF85GZaCR8al35ZkvXAccdESkWPhDsujwl5SA:oJindeF85GZa48APkf3uwWPhfjwl5P

Score
9/10

Targets

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • NirSoft WebBrowserPassView

      Password recovery tool for various web browsers

    • Nirsoft

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL
