General

  • Target

    858d78194c00c5b5ded3188a303177f3452da4f32db355a8602fa0db03af7d5c

  • Size

    928KB

  • Sample

    221107-1gwd7schel

  • MD5

    0a13825e264e6a010ced295ff7319400

  • SHA1

    4b135b65db2815fbdbc069fb9d55fb56edccfa33

  • SHA256

    858d78194c00c5b5ded3188a303177f3452da4f32db355a8602fa0db03af7d5c

  • SHA512

    403c026504e9f116d81ca87d3628890cd75a09dc551a470e27ce35ce4260c1cedfae8166a8c24c70f307f16fe3046c0cadcc5dc4aa704c7e18b523ec07326925

  • SSDEEP

    24576:2WMwlrm122lx28VeiL9XS81TkVNW/FhmqyAL/d:zMw09LjoM9XO0zDd

Malware Config

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks