General

  • Target

    806d8d8e0a0e011f26ffb6632640abe70b7c389d8096bf2c23bfcb208a3b7d30

  • Size

    912KB

  • Sample

    221020-mxzvnsadam

  • MD5

    5703a197504c8ad119e37bc1c4dc60a0

  • SHA1

    4fb66b02a4b1f86ead373ab00294049dce18aba7

  • SHA256

    806d8d8e0a0e011f26ffb6632640abe70b7c389d8096bf2c23bfcb208a3b7d30

  • SHA512

    91cfa81c693fc46b482bc8a35e14f324398569686f2f8a764a1796552ab5d5665e4918572297d19f656d13c9455087630c783d5cda3e6be2befc68f00da9f45b

  • SSDEEP

    24576:2WfUjY08fY6KEDSJ0Ik/lKQ+0i1L7ggX0NG:zMJ6KsSC/4rFgGt

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks