General

  • Target

    c46cd80f090379b407d47741aa041ea0b89023d9bf4f14ffad5ebb46a9ec34ef

  • Size

    348KB

  • Sample

    221029-ae3gmaddhk

  • MD5

    0015d8a94637744d35c226947c2f13a0

  • SHA1

    6ed7d557bd5f0e9a8fd7c04447d52032b2b23607

  • SHA256

    c46cd80f090379b407d47741aa041ea0b89023d9bf4f14ffad5ebb46a9ec34ef

  • SHA512

    8e7c7324e69b4e010577f8763a6ea99102d044b1d903581cf0654ceee2b4d7a76ddd7d12e0f5c47816ff7e16bad8879a05a832f8b3f8edc601be1f8d9a3ca6b6

  • SSDEEP

    3072:g/i8Nr6keYEf3KTm8OOmSUd+adnvrbpnuJAY9a4gWiALZu3X7vKkOni5E63r:f80bYFmXxnuqY9d7VL2XzZ5E6b

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks