Resubmissions

28-10-2022 06:14    221028-gzepmafagn    10

13-10-2022 09:36    221013-lkxdcabga8    10

General

  • Target

    yan1.exe

  • Size

    398KB

  • Sample

    221028-gzepmafagn

  • MD5

    afaf2d4ebb6dc47e79a955df5ad1fc8a

  • SHA1

    c418ce055d97928f94ba06b5de8124a601d8f632

  • SHA256

    d11793433065633b84567de403c1989640a07c9a399dd2753aaf118891ce791c

  • SHA512

    321424ac21ebdb7f759a84236cb95c533b3000b3143099e1697f4a1f534c11782dafa68e5fa9e662b973b9669c1177b69c2fd0b83455625e57aa123385f581e6

  • SSDEEP

    12288:EfaLQyGK6kAa2XgsA1RUa+jE6S3qRTjO0:EwIHnXp/O0

Malware Config

Targets

    • Target

      yan1.exe

    Score: 8/10

    • Drops file in Drivers directory

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar secrets.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks