General

  • Target

    b3698014a1e53347a8d906ffc869632fa7492adef00eea94fc035362406c8478

  • Size

    441KB

  • Sample

    221021-atxvpadbf2

  • MD5

    487de810852dd31f494c0b736a1dfa00

  • SHA1

    a5c89d119ca136649a5d72a8ef732edb427f63b2

  • SHA256

    b3698014a1e53347a8d906ffc869632fa7492adef00eea94fc035362406c8478

  • SHA512

    19b2406ea1c27116eaf10c0569f143f8fe161724907c3bd1246b5ff917f23d490a91291c94530b602ff09b97fb353082a0047422d0264c0c596f2584467db540

  • SSDEEP

    6144:SKmpycsZyhC36BKbA4d7oRYsHC4qxwjImij1K3Sc6Jr3wAtJGK0IljH44:omyhC36BkA4d4qxwJsO/67Y4

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or with a modified build of it (renamed sections or an altered stub, which the stock `upx -d` will refuse to unpack).

    • Reads user/profile data of web browsers

      Infostealers commonly target browser profile data, which can include saved credentials, cookies, session tokens and autofill entries.

    • Enumerates connected drives

      Attempts to read the root directory of drives other than the default C: drive, typically as a first step of file discovery or of spreading to removable and network drives.

    • Drops file in System32 directory
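The "UPX packed file" signature above flags both stock UPX and modified UPX builds. The following is an added example, not part of the original report or of the sandbox's own detection logic: a minimal PE section-table parser that checks the three things a triage analyst usually looks at by hand, UPX0/UPX1 section names, the "UPX!" magic string, and the stock UPX layout of an empty first section followed by a high-entropy packed section (which still shows through when the sections have been renamed). The entropy threshold of 7.0 bits per byte and the constructed PE images are assumptions for illustration; the builder only emits headers and raw data, not a loadable binary.

```python
import hashlib
import math
import struct

SECTION_HEADER_SIZE = 40
PE32_OPTIONAL_HEADER_SIZE = 0xE0
HIGH_ENTROPY_THRESHOLD = 7.0  # assumption: bits/byte above which a section is treated as packed/encrypted


def shannon_entropy(buf: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input, 8.0 for uniform bytes)."""
    if not buf:
        return 0.0
    counts = [0] * 256
    for b in buf:
        counts[b] += 1
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_sections(data: bytes) -> list:
    """Parse the PE section table into dicts with name, sizes and raw-data entropy.

    Returns [] when the buffer is not a parseable PE (bad MZ/PE signatures or truncated headers).
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return []
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return []
    num_sections = struct.unpack_from("<H", data, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", data, e_lfanew + 20)[0]
    table = e_lfanew + 24 + opt_size  # section table follows the COFF + optional headers
    sections = []
    for i in range(num_sections):
        off = table + i * SECTION_HEADER_SIZE
        if off + SECTION_HEADER_SIZE > len(data):
            break
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, vaddr, raw_size, raw_ptr = struct.unpack_from("<IIII", data, off + 8)
        raw = data[raw_ptr:raw_ptr + raw_size]
        sections.append({"name": name, "virtual_size": vsize, "virtual_address": vaddr,
                         "raw_size": raw_size, "entropy": shannon_entropy(raw)})
    return sections


def upx_indicators(data: bytes) -> dict:
    """Individual UPX/packing indicators so an analyst can see which one fired."""
    sections = parse_sections(data)
    first = sections[0] if sections else None
    return {
        "upx_section_names": any(s["name"].startswith("UPX") for s in sections),
        "upx_marker": b"UPX!" in data,
        # Stock UPX layout: first section has no raw data but a large virtual size (unpack target).
        "empty_first_section": first is not None and first["raw_size"] == 0 and first["virtual_size"] > 0,
        "high_entropy_section": any(s["raw_size"] >= 1024 and s["entropy"] > HIGH_ENTROPY_THRESHOLD
                                    for s in sections),
    }


def looks_packed(data: bytes) -> bool:
    """True for stock UPX, or for a renamed-section ('modified UPX') build that keeps the unpack-in-place layout."""
    ind = upx_indicators(data)
    return ind["upx_section_names"] or ind["upx_marker"] or (
        ind["empty_first_section"] and ind["high_entropy_section"])


def build_pe(sections: list) -> bytes:
    """Constructed, non-loadable PE32 image (DOS stub, PE/COFF/optional headers, section table, raw data) for testing."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)  # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, PE32_OPTIONAL_HEADER_SIZE, 0x0102)
    opt = bytearray(PE32_OPTIONAL_HEADER_SIZE)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    header_end = 0x40 + 4 + len(coff) + PE32_OPTIONAL_HEADER_SIZE + len(sections) * SECTION_HEADER_SIZE
    raw_ptr = (header_end + 0x1FF) & ~0x1FF  # 512-byte file alignment
    table, blobs, vaddr = b"", b"", 0x1000
    for name, raw, vsize in sections:
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), vsize, vaddr, len(raw),
                             raw_ptr if raw else 0, 0, 0, 0, 0, 0x60000020)
        blobs += raw
        raw_ptr += len(raw)
        vaddr += (max(vsize, len(raw)) + 0xFFF) & ~0xFFF
    image = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + table
    image += b"\0" * (((header_end + 0x1FF) & ~0x1FF) - len(image))
    return image + blobs


# Constructed sample inputs (deterministic pseudo-random bytes stand in for compressed code).
_HIGH_ENTROPY = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))  # 4096 bytes
_LOW_ENTROPY = b"\x55\x8b\xec\x83\xec\x10" * 700  # repetitive x86 prologue bytes
STOCK_UPX_SAMPLE = build_pe([("UPX0", b"", 0x8000), ("UPX1", b"UPX!" + _HIGH_ENTROPY, 0x3000), (".rsrc", b"\0" * 512, 0x200)])
RENAMED_UPX_SAMPLE = build_pe([(".text", b"", 0x8000), (".data", _HIGH_ENTROPY, 0x3000), (".rsrc", b"\0" * 512, 0x200)])
PLAIN_SAMPLE = build_pe([(".text", _LOW_ENTROPY, 0x1100), (".data", b"hello\0" * 100, 0x300)])

if __name__ == "__main__":
    for label, img in (("stock UPX", STOCK_UPX_SAMPLE), ("renamed UPX", RENAMED_UPX_SAMPLE), ("plain", PLAIN_SAMPLE)):
        print(label, looks_packed(img), upx_indicators(img))
```

On a real sample, read the file with `open(path, "rb").read()` and pass it to `upx_indicators`; if only `upx_marker` fires, check for the string in an unrelated resource before concluding the file is packed, and if only the layout/entropy pair fires, expect `upx -d` to fail and plan on dumping the unpacked image from memory instead.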

MITRE ATT&CK Enterprise v6

Tasks