Overview

overview

8

Static

static

a1a2a44dd3...f7.exe

windows7-x64

8

a1a2a44dd3...f7.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    a1a2a44dd328722bc5288cfcbbbe9c16cffd6806e5bf9310fecd5e6e666e10f7

  • Size

    799KB

  • Sample

    221107-ngdg6sdda7

  • MD5

    0f9885b99b86ba7b56e9205f62554ff6

  • SHA1

    b35db5d0cab5b34e47f22082c9429154e5337f66

  • SHA256

    a1a2a44dd328722bc5288cfcbbbe9c16cffd6806e5bf9310fecd5e6e666e10f7

  • SHA512

    3b992244c085c48aa65a1f2fbc5088b5255f04f48799f3495369f1b7310e79362083b8b10f22dbac65965aa560059667af9014dc10f247d55c5b7e48102c533b

  • SSDEEP

    24576:3n/YLSw3jC7LgOxhQIjjtec5UQtvUD/u:3/KSw3jC7bbjUGtvd

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      a1a2a44dd328722bc5288cfcbbbe9c16cffd6806e5bf9310fecd5e6e666e10f7

    • Size

      799KB

    • MD5

      0f9885b99b86ba7b56e9205f62554ff6

    • SHA1

      b35db5d0cab5b34e47f22082c9429154e5337f66

    • SHA256

      a1a2a44dd328722bc5288cfcbbbe9c16cffd6806e5bf9310fecd5e6e666e10f7

    • SHA512

      3b992244c085c48aa65a1f2fbc5088b5255f04f48799f3495369f1b7310e79362083b8b10f22dbac65965aa560059667af9014dc10f247d55c5b7e48102c533b

    • SSDEEP

      24576:3n/YLSw3jC7LgOxhQIjjtec5UQtvUD/u:3/KSw3jC7bbjUGtvd

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks