Overview

overview

8

Static

static

dce518fa4b...2e.exe

windows7-x64

8

dce518fa4b...2e.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dce518fa4bd90c7d66307805b146f77e46b3c6653f57635d437d4a2fba7a032e

  • Size

    1.8MB

  • Sample

    221003-m8v1vsdcdj

  • MD5

    9a72927cc096816baa2e8d1247694f2d

  • SHA1

    97adb524ac99b4f8d3872b7f6a6cde55ee2dd88e

  • SHA256

    dce518fa4bd90c7d66307805b146f77e46b3c6653f57635d437d4a2fba7a032e

  • SHA512

    915d778b77e013c1782dee1a33cdfa53e3401a75ee0eed88dc1d0ade70a8154d5d647e2ba2a1eef2e8345a55db6ed9c0731cdb108eb83e54c2c19a73c3deab34

  • SSDEEP

    49152:cbJh9E+kwdbk4VIcQgYJWXW9gDmUQi2oJJN1eica:Oh9xVRVKgYYWymT6JNUq

Score
8/10
collectionspywarestealer

Malware Config

Targets

    • Target

      dce518fa4bd90c7d66307805b146f77e46b3c6653f57635d437d4a2fba7a032e

    • Size

      1.8MB

    • MD5

      9a72927cc096816baa2e8d1247694f2d

    • SHA1

      97adb524ac99b4f8d3872b7f6a6cde55ee2dd88e

    • SHA256

      dce518fa4bd90c7d66307805b146f77e46b3c6653f57635d437d4a2fba7a032e

    • SHA512

      915d778b77e013c1782dee1a33cdfa53e3401a75ee0eed88dc1d0ade70a8154d5d647e2ba2a1eef2e8345a55db6ed9c0731cdb108eb83e54c2c19a73c3deab34

    • SSDEEP

      49152:cbJh9E+kwdbk4VIcQgYJWXW9gDmUQi2oJJN1eica:Oh9xVRVKgYYWymT6JNUq

    Score
    8/10
    collectionspywarestealer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks