General

  • Target

    8d7c77e2305f515898815bea011a0fa780af79df85fe87f6f9f170739409c279

  • Size

    378KB

  • Sample

    221030-aq6cnaebak

  • MD5

    a36cc97fb7a75de883e23cb8d0af1ff0

  • SHA1

    f6db5b292c10049b54b1788023929c0d495ffb82

  • SHA256

    8d7c77e2305f515898815bea011a0fa780af79df85fe87f6f9f170739409c279

  • SHA512

    e765681f792bed48d34aec3550c29c045d0b95ea4e6ff82e1abb305a3d6f84202c2518c10767e23b791712995a01b73a5fd6f1996fa219cb97f3a1bf88234a22

  • SSDEEP

    6144:zX7/RiIiOWrqK2ntOWkSfQJVkK1LE//egi2TKPTBqohYh36H4:DqqjrQh1w/K2TKPTsoi36H4

Targets

    • Drops file in Drivers directory

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and similar sensitive data.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.
