General

  • Target

    0b3c943094e299b36b0028476e37ecbe7db58f1cd91fd6e612b35dedc0123dac

  • Size

    2.2MB

  • Sample

    221011-zn3anaeadr

  • MD5

    67fa0e9fd5d95a17b484b97bc7ef4399

  • SHA1

    41d5e4bcc07a7a75754c104458cd41e9c3bf391e

  • SHA256

    0b3c943094e299b36b0028476e37ecbe7db58f1cd91fd6e612b35dedc0123dac

  • SHA512

    35f51650d487827c671369af4935c42b13a62bcb1292e1ec66e4857607f5c10e08dd780e9f54965c1b3a08326bd99849e331dc61c494c594ce896f2e799ed51e

  • SSDEEP

    49152:osLsLsLs2dcISukoxqro4/Y9dVkZPbZ0obUmp2:osLsLsLs2bvX9UZPt0oq

Malware Config

Targets

    • Executes dropped EXE

    • Deletes itself

    • Drops startup file

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v6

Tasks