Overview

overview

8

Static

static

b40d20cd4a...0f.exe

windows7-x64

8

b40d20cd4a...0f.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b40d20cd4adcbe7477e85102f2bee8d75e49079ef9fee3e0ea40305c4993030f

  • Size

    1.0MB

  • Sample

    221019-rer5bsbab4

  • MD5

    924ed58af909798e0f08a1a36e909e04

  • SHA1

    0904c4b38bd4700555b1ec4f3d0960deb0786b0f

  • SHA256

    b40d20cd4adcbe7477e85102f2bee8d75e49079ef9fee3e0ea40305c4993030f

  • SHA512

    eda33f3158a931cd12a51f3f9650ebad11fe2994955f42fcc4b8a58de828c0fb78e2d83b05d37df043db15a7197dbb2067ca53462498ac5bfdce6f1445e56948

  • SSDEEP

    24576:mgXIl1q890aAxhT0+8U9BBtjkm0YtB3fnrFPt384nim272a:il1Tq/HHT0Yt319iXqa

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      b40d20cd4adcbe7477e85102f2bee8d75e49079ef9fee3e0ea40305c4993030f

    • Size

      1.0MB

    • MD5

      924ed58af909798e0f08a1a36e909e04

    • SHA1

      0904c4b38bd4700555b1ec4f3d0960deb0786b0f

    • SHA256

      b40d20cd4adcbe7477e85102f2bee8d75e49079ef9fee3e0ea40305c4993030f

    • SHA512

      eda33f3158a931cd12a51f3f9650ebad11fe2994955f42fcc4b8a58de828c0fb78e2d83b05d37df043db15a7197dbb2067ca53462498ac5bfdce6f1445e56948

    • SSDEEP

      24576:mgXIl1q890aAxhT0+8U9BBtjkm0YtB3fnrFPt384nim272a:il1Tq/HHT0Yt319iXqa

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks