Overview

overview

10

Static

static

44da0d90f2...8a.exe

windows7-x64

7

44da0d90f2...8a.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    44da0d90f232cc707b13868950616250449f634a70cddca85707f03d78dac08a

  • Size

    88KB

  • Sample

    221004-fdypyacgbp

  • MD5

    135b3d5046be58820fe60ad948b54b54

  • SHA1

    71a0a67dbea099f4cb36df97515eba8116242b2a

  • SHA256

    44da0d90f232cc707b13868950616250449f634a70cddca85707f03d78dac08a

  • SHA512

    d7cde08f948b6c9a8accb0b1c7343f31333c0cca4cc7699672a16c9a9589ae1be7dd24f422187d0e57e22921dc5143074511523257203cd32cb2e92c6d87a81b

  • SSDEEP

    1536:/qSkJO8PwFnLCVhv+pVC+7sgWkl71THCtQTMHc5o8DUkIhK99x:SrUnLahvOb7stqhTHEeikIh6

Score
10/10
evasionpersistencespywarestealer

Malware Config

Targets

    • Target

      44da0d90f232cc707b13868950616250449f634a70cddca85707f03d78dac08a

    • Size

      88KB

    • MD5

      135b3d5046be58820fe60ad948b54b54

    • SHA1

      71a0a67dbea099f4cb36df97515eba8116242b2a

    • SHA256

      44da0d90f232cc707b13868950616250449f634a70cddca85707f03d78dac08a

    • SHA512

      d7cde08f948b6c9a8accb0b1c7343f31333c0cca4cc7699672a16c9a9589ae1be7dd24f422187d0e57e22921dc5143074511523257203cd32cb2e92c6d87a81b

    • SSDEEP

      1536:/qSkJO8PwFnLCVhv+pVC+7sgWkl71THCtQTMHc5o8DUkIhK99x:SrUnLahvOb7stqhTHEeikIh6

    Score
    10/10
    persistencespywarestealerevasion

    • Modifies firewall policy service

      evasion

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks