General

  • Target

    487f141be8207b8b16b77822a194a9a27d7fb0ab5de2d5910b3c6a35cc25b2fe

  • Size

    440KB

  • Sample

    221011-l6a28shdg5

  • MD5

    7bdc32a85d611725d5e0374dfb1a19f0

  • SHA1

    89876e7f8fe81b8b6e6c9d575d73d62c979e8ffd

  • SHA256

    487f141be8207b8b16b77822a194a9a27d7fb0ab5de2d5910b3c6a35cc25b2fe

  • SHA512

    d0d3bf2e883486e943043dce2187ed7e627f18a61017480ae0360812257899eb3d3e790618bd38907b00ddfc053b171fba9da5e8fc277405c536f7db7159ff98

  • SSDEEP

    12288:zXCNi9B1YCThClG81hSd6l7Zckuol3oEzp:2W1YNo8a4Zcc

Malware Config

Targets

    • Target

      487f141be8207b8b16b77822a194a9a27d7fb0ab5de2d5910b3c6a35cc25b2fe

    • Checks computer location settings

      Looks up the country code configured in the registry (the per-user values under HKCU\Control Panel\International, such as Geo\Nation). This is likely a geofence: stealers commonly exit before doing anything else when the configured region is on an exclusion list, so a sandbox set to one of those locales may record no further behaviour from the sample.

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser profile data (for example Chromium's "Login Data", "Cookies" and "Web Data" databases under "User Data", and Firefox's logins.json and key4.db in the profile directory), which can include saved credentials, session cookies and autofill data.

    • Adds Run key to start application

      Sets a value under a Software\Microsoft\Windows\CurrentVersion\Run key so the program is launched again at each logon, a common persistence mechanism. When hunting for it, check the HKCU and HKLM hives and the RunOnce variant as well.

    • Enumerates connected drives

      Attempts to read the root path of drives other than the default C: drive, typically to locate additional volumes (removable media, secondary disks) to harvest files from.

    • Drops file in System32 directory

      Writes a file under the Windows System32 directory, which on a default install requires administrative rights (a 32-bit process on 64-bit Windows is redirected to SysWOW64 by file system redirection). Files dropped there are worth checking for names that masquerade as system components.

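The five behaviours above are the kind of thing a responder wants to confirm from host telemetry rather than take on trust from the sandbox. The script below is an added example for this page, not code from the sandbox vendor or the sample: it scans behaviour-log records in a Sysmon-like shape and reports which of the listed signatures each record supports. All records, paths, the SID and the dropped file name are constructed for illustration. Sysmon itself only logs registry writes and file creates, so the registry-read, file-read and drive-root-query records (and their event names) are an assumption standing in for what an API monitor would emit.

```python
"""Flag the behaviours this report lists from constructed host telemetry.

Added example for this report page, not code from the sandbox vendor. The
event shape is Sysmon-like; the read/query event names are an assumption.
"""
import re
from collections import defaultdict

# Constructed records, not taken from the report (paths, SID and file
# names are invented for illustration).
SID = r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
SAMPLE = r"C:\Users\victim\AppData\Local\Temp\sample.exe"
SAMPLE_EVENTS = [
    {"event": "RegistryEvent", "op": "QueryValue", "image": SAMPLE,
     "target": SID + r"\Control Panel\International\Geo\Nation"},
    {"event": "FileRead", "op": "Read", "image": SAMPLE,
     "target": r"C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data"},
    {"event": "FileRead", "op": "Read", "image": SAMPLE,
     "target": r"C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\k3x9abcd.default-release\logins.json"},
    {"event": "RegistryEvent", "op": "SetValue", "image": SAMPLE,
     "target": SID + r"\Software\Microsoft\Windows\CurrentVersion\Run\WindowsUpdater"},
    {"event": "QueryDirectory", "op": "Open", "image": SAMPLE, "target": "C:\\"},  # default drive: no hit
    {"event": "QueryDirectory", "op": "Open", "image": SAMPLE, "target": "D:\\"},
    {"event": "QueryDirectory", "op": "Open", "image": SAMPLE, "target": "E:\\"},
    {"event": "FileCreate", "op": "Create", "image": SAMPLE,
     "target": r"C:\Windows\System32\svchelper.dll"},
    {"event": "FileCreate", "op": "Create", "image": SAMPLE,
     "target": r"C:\Users\victim\AppData\Local\Temp\stage2.tmp"},  # noise: no hit
]

# (signature name, event types, operations (None = any), target pattern).
# Patterns are case-insensitive because Windows paths are.
SIGNATURES = [
    ("Checks computer location settings", {"RegistryEvent"}, {"QueryValue"},
     re.compile(r"\\Control Panel\\International\\(Geo\\Nation|sCountry|iCountry)$", re.I)),
    ("Reads user/profile data of web browsers", {"FileRead"}, None,
     re.compile(r"\\(User Data\\[^\\]+\\(Login Data|Cookies|Web Data)"
                r"|Profiles\\[^\\]+\\(logins\.json|key4\.db|cookies\.sqlite))$", re.I)),
    ("Adds Run key to start application", {"RegistryEvent"}, {"SetValue"},
     re.compile(r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\[^\\]+$", re.I)),
    ("Enumerates connected drives", {"QueryDirectory"}, None,
     re.compile(r"^[ABD-Z]:\\$", re.I)),  # any drive root except C:
    ("Drops file in System32 directory", {"FileCreate"}, None,
     re.compile(r"^[A-Z]:\\Windows\\(System32|SysWOW64)\\", re.I)),  # SysWOW64: 32-bit redirection
]


def match_signatures(events):
    """Return {signature name: [evidence targets]} for records that fire a rule."""
    hits = defaultdict(list)
    for ev in events:
        for name, kinds, ops, pattern in SIGNATURES:
            if ev["event"] not in kinds or (ops and ev.get("op") not in ops):
                continue
            if pattern.search(ev["target"]):
                hits[name].append(ev["target"])
    return dict(hits)


def triggered(events):
    """Sorted names of the signatures the events support."""
    return sorted(match_signatures(events))


if __name__ == "__main__":
    for name, evidence in match_signatures(SAMPLE_EVENTS).items():
        print(name)
        for target in evidence:
            print("    " + target)
```

Run against the constructed records, every one of the five signatures fires and the two noise records (the C: root and the Temp write) do not. The Run-key rule deliberately requires a SetValue operation so that merely reading the key, which legitimate software does constantly, is not reported; the drive rule excludes C: to mirror the report's wording.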
MITRE ATT&CK Enterprise v6

Tasks