Overview

overview

10

Static

static

741355cb1f...7c.exe

windows7-x64

10

741355cb1f...7c.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    741355cb1f81eb492accd9142aef9b4ad00546182c8c252b395b1b51edd3517c

  • Size

    486KB

  • Sample

    221030-cmplvagdf6

  • MD5

    8433e0dda1ead0ed5078f081772b2400

  • SHA1

    a6cd809437c4e5e1f5a1c6da52a4e8295b6b7a34

  • SHA256

    741355cb1f81eb492accd9142aef9b4ad00546182c8c252b395b1b51edd3517c

  • SHA512

    92904fb13babddf0b9e2b0ac5589bf20ded63ffd8a784ac3415e356ddf47c15e136cade4c994751d16a7155d6d73bbe0ad243e23dec0e81eaf5fd68da85deb76

  • SSDEEP

    12288:zi/5oLLgoyxqY592DPCdWEfvDtzVVA22iHPY0z4zu4bGfwcFJ:ziBoLLgoyx2PCdpfbrVA22aY0cNyo

Score
10/10
evasionpersistencespywarestealertrojan

Malware Config

Targets

    • Target

      741355cb1f81eb492accd9142aef9b4ad00546182c8c252b395b1b51edd3517c

    • Size

      486KB

    • MD5

      8433e0dda1ead0ed5078f081772b2400

    • SHA1

      a6cd809437c4e5e1f5a1c6da52a4e8295b6b7a34

    • SHA256

      741355cb1f81eb492accd9142aef9b4ad00546182c8c252b395b1b51edd3517c

    • SHA512

      92904fb13babddf0b9e2b0ac5589bf20ded63ffd8a784ac3415e356ddf47c15e136cade4c994751d16a7155d6d73bbe0ad243e23dec0e81eaf5fd68da85deb76

    • SSDEEP

      12288:zi/5oLLgoyxqY592DPCdWEfvDtzVVA22iHPY0z4zu4bGfwcFJ:ziBoLLgoyx2PCdpfbrVA22aY0cNyo

    Score
    10/10
    evasionpersistencetrojanspywarestealer

    • Modifies WinLogon for persistence

      persistence

    • Modifies visibility of file extensions in Explorer

      evasion

    • UAC bypass

      evasiontrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks