Overview

overview

8

Static

static

c4babd9748...89.exe

windows7-x64

8

c4babd9748...89.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    c4babd97485adec5e8124afbb8c1c2318e8bdd0eb76b68d9afa8adda4841ed89

  • Size

    799KB

  • Sample

    221002-phzmgaefg3

  • MD5

    6c1afff30ca997510b4d13cfc7dd3260

  • SHA1

    10662fe3ce281100ed6646245403cfdbf10339f1

  • SHA256

    c4babd97485adec5e8124afbb8c1c2318e8bdd0eb76b68d9afa8adda4841ed89

  • SHA512

    230f1ada8e48f959e5781f1b3cf1360f5d58a44aed12cda8faa10c17f2b4ea662ebbcb13f487ad1137af4ea22c721eae451ed89306f17514006817531d071d58

  • SSDEEP

    24576:dRMZ6KQWortrn8GknFaU7SxB5jzw9N1P:dR0hQW2rn80xBC/

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      c4babd97485adec5e8124afbb8c1c2318e8bdd0eb76b68d9afa8adda4841ed89

    • Size

      799KB

    • MD5

      6c1afff30ca997510b4d13cfc7dd3260

    • SHA1

      10662fe3ce281100ed6646245403cfdbf10339f1

    • SHA256

      c4babd97485adec5e8124afbb8c1c2318e8bdd0eb76b68d9afa8adda4841ed89

    • SHA512

      230f1ada8e48f959e5781f1b3cf1360f5d58a44aed12cda8faa10c17f2b4ea662ebbcb13f487ad1137af4ea22c721eae451ed89306f17514006817531d071d58

    • SSDEEP

      24576:dRMZ6KQWortrn8GknFaU7SxB5jzw9N1P:dR0hQW2rn80xBC/

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks