Overview

overview

8

Static

static

de27555977...1c.exe

windows7-x64

8

de27555977...1c.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    de275559774e74fa99db42c993548b2d7b1d6d5b940058add009d0067f46f31c

  • Size

    786KB

  • Sample

    221019-1cs4aahdg8

  • MD5

    915fdcd07db1e388187f396dab27f260

  • SHA1

    63e2b5bdbc6f2fc8b389d0a891e4bd849b1a989e

  • SHA256

    de275559774e74fa99db42c993548b2d7b1d6d5b940058add009d0067f46f31c

  • SHA512

    6a392800e11e7fac4e6871c35dc2f2e9652b28465e3d2602ef6aa19ec7698d299bdec1c2b554f5fcabe9420864699b5da6db0b2cabd1e0a43f83af61dfa6c34d

  • SSDEEP

    12288:YXY/yXdimWkkB0BMyPJrOjr5No8G7tddG1/hdxug3vnS/Ekq7D9r0q96M88vircS:YXYKtiHtBkxGg8n1/nNbkGN596xiV

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      de275559774e74fa99db42c993548b2d7b1d6d5b940058add009d0067f46f31c

    • Size

      786KB

    • MD5

      915fdcd07db1e388187f396dab27f260

    • SHA1

      63e2b5bdbc6f2fc8b389d0a891e4bd849b1a989e

    • SHA256

      de275559774e74fa99db42c993548b2d7b1d6d5b940058add009d0067f46f31c

    • SHA512

      6a392800e11e7fac4e6871c35dc2f2e9652b28465e3d2602ef6aa19ec7698d299bdec1c2b554f5fcabe9420864699b5da6db0b2cabd1e0a43f83af61dfa6c34d

    • SSDEEP

      12288:YXY/yXdimWkkB0BMyPJrOjr5No8G7tddG1/hdxug3vnS/Ekq7D9r0q96M88vircS:YXYKtiHtBkxGg8n1/nNbkGN596xiV

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks