Overview

overview

8

Static

static

8

db6ef0fb8a...5d.exe

windows7-x64

8

db6ef0fb8a...5d.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    db6ef0fb8a09e3e193f32e8bdc55ed75e8c3c88a2a081fd97bc068902f82ee5d

  • Size

    312KB

  • Sample

    221107-vsazrahdb5

  • MD5

    0fc898ac90039678acb755f4bc8a40e2

  • SHA1

    de01e232b99b995a90dc6713449774c3655c251e

  • SHA256

    db6ef0fb8a09e3e193f32e8bdc55ed75e8c3c88a2a081fd97bc068902f82ee5d

  • SHA512

    b85505c735974076eabb5690b4747c79d48f79ec271cd64f9c754d543380feecbedb5539daffd51637fdbcd418362ae5aa05928c37eded09acddfa7aa6857ca9

  • SSDEEP

    6144:PVzc8JNX3lnTPL2STxinek3hiA7rXIB/qfunfieFlk9:Zc8L3lnH2Snk3YA7rXIBCGnKeQ9

Score
8/10
spywarestealerupx

Malware Config

Targets

    • Target

      db6ef0fb8a09e3e193f32e8bdc55ed75e8c3c88a2a081fd97bc068902f82ee5d

    • Size

      312KB

    • MD5

      0fc898ac90039678acb755f4bc8a40e2

    • SHA1

      de01e232b99b995a90dc6713449774c3655c251e

    • SHA256

      db6ef0fb8a09e3e193f32e8bdc55ed75e8c3c88a2a081fd97bc068902f82ee5d

    • SHA512

      b85505c735974076eabb5690b4747c79d48f79ec271cd64f9c754d543380feecbedb5539daffd51637fdbcd418362ae5aa05928c37eded09acddfa7aa6857ca9

    • SSDEEP

      6144:PVzc8JNX3lnTPL2STxinek3hiA7rXIB/qfunfieFlk9:Zc8L3lnH2Snk3YA7rXIBCGnKeQ9

    Score
    8/10
    spywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks