General

  • Target

    file.exe

  • Size

    349KB

  • Sample

    221102-l2r5ysbfen

  • MD5

    cc63a28ffd1c520a780046c720f955f4

  • SHA1

    71fd171809b55d73a75ef63b2776a2ab82a58a6a

  • SHA256

    2beb165a3f2ed3b8506fe8c0d2624b2f47c2a82579ccdea7d7f308c49a00ca9d

  • SHA512

    434642beffef2c5b8ab2e84c15294ea4b70926633df9ab40f65032213d0f3055fde855dc8c9422c9d038e763f5fc704edc13944e7272128805ddedda65741557

  • SSDEEP

    6144:xRT6eUPmb5Dsxp6BDh8k65be81o0L3nVUW3LHKnhB0cBYUPyBtI1RD:xR2ob5DQ4BDh8k65be81o0L3VUCqhB0e

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses 2FA software files, possible credential harvesting

    • Accesses cryptocurrency files/wallets, possible credential harvesting

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks