Overview

overview

8

Static

static

aac17d3243...0f.exe

windows7-x64

8

aac17d3243...0f.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aac17d32431c315aead62d416d61b38c19d019b145ef54b1f2a72ca53485370f

  • Size

    1.0MB

  • Sample

    221019-sg67psdddl

  • MD5

    91bf9de37785d7fad5b9ed8d03c71146

  • SHA1

    894f6931e309ee4bdc83d67565ec9f9beb9d5376

  • SHA256

    aac17d32431c315aead62d416d61b38c19d019b145ef54b1f2a72ca53485370f

  • SHA512

    16f2abbdefa3490bb4a6b85fa7fe6c28d445d9b846726938471d2a5162605eb3c3536907004042a69569acfe8894445475e210ca6c969c567035947bc5764608

  • SSDEEP

    24576:c9dfTaKvBhtI0Hna1+ax66tQq64UemyxPuEBtqxQ15w9Y9bzRs1p8:YTXv7y0Hvag6eqgemaPuEbaEw9eBs1p8

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      aac17d32431c315aead62d416d61b38c19d019b145ef54b1f2a72ca53485370f

    • Size

      1.0MB

    • MD5

      91bf9de37785d7fad5b9ed8d03c71146

    • SHA1

      894f6931e309ee4bdc83d67565ec9f9beb9d5376

    • SHA256

      aac17d32431c315aead62d416d61b38c19d019b145ef54b1f2a72ca53485370f

    • SHA512

      16f2abbdefa3490bb4a6b85fa7fe6c28d445d9b846726938471d2a5162605eb3c3536907004042a69569acfe8894445475e210ca6c969c567035947bc5764608

    • SSDEEP

      24576:c9dfTaKvBhtI0Hna1+ax66tQq64UemyxPuEBtqxQ15w9Y9bzRs1p8:YTXv7y0Hvag6eqgemaPuEbaEw9eBs1p8

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks