Overview

overview

8

Static

static

8

3723f7aa0f...3c.exe

windows7-x64

8

3723f7aa0f...3c.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    3723f7aa0ff93d3f41bf01ad14c8589a4d66f20ac58e8ff5bce4a5d2c6cd4a3c

  • Size

    1020KB

  • Sample

    221030-j6wylabhbq

  • MD5

    844845c2fe00f78c681383b39a39b3b0

  • SHA1

    fe2651d674537b7bfc2d68728690c85d5b3e304f

  • SHA256

    3723f7aa0ff93d3f41bf01ad14c8589a4d66f20ac58e8ff5bce4a5d2c6cd4a3c

  • SHA512

    016ceec213b3fbefc40ce1ba4539361eb57a70c254a1e594e9d597415b2bd623542463c7e0f055b0be284b5b935540b16f85471674d1fc6fabcc9e7af2a93d30

  • SSDEEP

    24576:vItgZkFtNO47JXLz498ubR4+VG6q2/WdZzY8B:gtgZk847mGSR4+VGlLY4

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      3723f7aa0ff93d3f41bf01ad14c8589a4d66f20ac58e8ff5bce4a5d2c6cd4a3c

    • Size

      1020KB

    • MD5

      844845c2fe00f78c681383b39a39b3b0

    • SHA1

      fe2651d674537b7bfc2d68728690c85d5b3e304f

    • SHA256

      3723f7aa0ff93d3f41bf01ad14c8589a4d66f20ac58e8ff5bce4a5d2c6cd4a3c

    • SHA512

      016ceec213b3fbefc40ce1ba4539361eb57a70c254a1e594e9d597415b2bd623542463c7e0f055b0be284b5b935540b16f85471674d1fc6fabcc9e7af2a93d30

    • SSDEEP

      24576:vItgZkFtNO47JXLz498ubR4+VG6q2/WdZzY8B:gtgZk847mGSR4+VGlLY4

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks