Overview

overview

8

Static

static

3bf64f2d60...16.exe

windows7-x64

8

3bf64f2d60...16.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3bf64f2d6024cd758b9a0ceb673213e7a6a1eb7d72c3562bdd02fb02a1876b16

  • Size

    799KB

  • Sample

    221003-r7nbvabfb2

  • MD5

    596d54119e736bafed2436e28ca0e2b0

  • SHA1

    d555cc87254e10991639a621f53342e972e80448

  • SHA256

    3bf64f2d6024cd758b9a0ceb673213e7a6a1eb7d72c3562bdd02fb02a1876b16

  • SHA512

    2e06dee0b62c92a867bf255506b56b1ac30e325be0083506e4c1d99e8d79a15100150991eb7986202b9d1bd23a59c40e3e02c223e095b118f06701a6bcb6aff4

  • SSDEEP

    12288:U5NFaq49F/sJKbKwzSW6toHrdsQI2IOlHehOt1TaVECSuSl8+/8WB5LZ2CU31BVf:0FabpsEnfLI5OlHehUaErv4hhUqyt

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      3bf64f2d6024cd758b9a0ceb673213e7a6a1eb7d72c3562bdd02fb02a1876b16

    • Size

      799KB

    • MD5

      596d54119e736bafed2436e28ca0e2b0

    • SHA1

      d555cc87254e10991639a621f53342e972e80448

    • SHA256

      3bf64f2d6024cd758b9a0ceb673213e7a6a1eb7d72c3562bdd02fb02a1876b16

    • SHA512

      2e06dee0b62c92a867bf255506b56b1ac30e325be0083506e4c1d99e8d79a15100150991eb7986202b9d1bd23a59c40e3e02c223e095b118f06701a6bcb6aff4

    • SSDEEP

      12288:U5NFaq49F/sJKbKwzSW6toHrdsQI2IOlHehOt1TaVECSuSl8+/8WB5LZ2CU31BVf:0FabpsEnfLI5OlHehUaErv4hhUqyt

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks