Overview

overview

8

Static

static

f576d6e879...1a.exe

windows7-x64

8

f576d6e879...1a.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    f576d6e879bef52fd5236a3f264f8d96e6a2122e7625a915a78c7119d76bc01a

  • Size

    252KB

  • Sample

    221003-aq7kqaghe2

  • MD5

    63a8045d3fd13c6b396009c1320900ba

  • SHA1

    a9308b432686e773667fc229ab6e5609c31248e1

  • SHA256

    f576d6e879bef52fd5236a3f264f8d96e6a2122e7625a915a78c7119d76bc01a

  • SHA512

    a8b6b8b3c1f280f362bec38db3ca2e5c78008393cd25d72b85b7e43b9eb3c7c6b1b600735c67850ebb5e44b5724191a80b75f2f3c5d49ea5569996a74ec7cd3a

  • SSDEEP

    3072:wjtwAVs6PjJk6P+k+pmQyvHKmjDG+uj+I9XR+lAZB//BE7s7vK8ISbfwg3:MRiz6e7yvhOD9XR+4B//moK/UR

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      f576d6e879bef52fd5236a3f264f8d96e6a2122e7625a915a78c7119d76bc01a

    • Size

      252KB

    • MD5

      63a8045d3fd13c6b396009c1320900ba

    • SHA1

      a9308b432686e773667fc229ab6e5609c31248e1

    • SHA256

      f576d6e879bef52fd5236a3f264f8d96e6a2122e7625a915a78c7119d76bc01a

    • SHA512

      a8b6b8b3c1f280f362bec38db3ca2e5c78008393cd25d72b85b7e43b9eb3c7c6b1b600735c67850ebb5e44b5724191a80b75f2f3c5d49ea5569996a74ec7cd3a

    • SSDEEP

      3072:wjtwAVs6PjJk6P+k+pmQyvHKmjDG+uj+I9XR+lAZB//BE7s7vK8ISbfwg3:MRiz6e7yvhOD9XR+4B//moK/UR

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks