General

  • Target

    fd4845cd7deef68fc57b4dd6c1c4806686145657a2be08c4d46b167c9df303ce

  • Size

    588KB

  • Sample

    221107-vrrk4sbfaq

  • MD5

    025387dd4f24847516237f55e913bad5

  • SHA1

    2010e8f192449436731f14fd756239f7bad03755

  • SHA256

    fd4845cd7deef68fc57b4dd6c1c4806686145657a2be08c4d46b167c9df303ce

  • SHA512

    fef98c75716596bf6d0b77ce8ca63cca5558fe7aa679f7c7553408768b58fc8e1c2dcef8471451895416beed9413cee103f3118155afdeb531755e73f9d9665c

  • SSDEEP

    12288:qXR2D/HOcfxGk5e3fbbREgC8VrtuqN/IrjD6yVQihlg:qEzOcfxGk5ePbygCI7NUVC

Malware Config

Targets

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Windows security modification

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6

Tasks