Overview

overview

8

Static

static

0ee926f443...9e.rtf

windows7-x64

8

0ee926f443...9e.rtf

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0ee926f443c66a0d47365dbb6d21dcea6f6624e730c99f47cfb492ee2832419e

  • Size

    701KB

  • Sample

    221123-lktmfsfa8x

  • MD5

    1cf37a0a8a5f5704a3df692d84a16a71

  • SHA1

    314cc8e545317e97ec397f6e944bbb0b62bd1c59

  • SHA256

    0ee926f443c66a0d47365dbb6d21dcea6f6624e730c99f47cfb492ee2832419e

  • SHA512

    90b00d115208fbc27b0940c3ca6d881d5d70c5793cb020c313167a320174aa4bec17cfcc62366cde0a960eaa15a54be22273538845e92e588c809d845f4e7c2a

  • SSDEEP

    6144:vu1JM1zYqIhW+ku7Dt3y39UECGdKlOQENpfjwLwIa6PheExJCRrkP9Jy:XzYqWf93ECGdKlhKxIa6PzJ/y

Score
8/10
discoverypersistencespywarestealer

Malware Config

Targets

    • Target

      0ee926f443c66a0d47365dbb6d21dcea6f6624e730c99f47cfb492ee2832419e

    • Size

      701KB

    • MD5

      1cf37a0a8a5f5704a3df692d84a16a71

    • SHA1

      314cc8e545317e97ec397f6e944bbb0b62bd1c59

    • SHA256

      0ee926f443c66a0d47365dbb6d21dcea6f6624e730c99f47cfb492ee2832419e

    • SHA512

      90b00d115208fbc27b0940c3ca6d881d5d70c5793cb020c313167a320174aa4bec17cfcc62366cde0a960eaa15a54be22273538845e92e588c809d845f4e7c2a

    • SSDEEP

      6144:vu1JM1zYqIhW+ku7Dt3y39UECGdKlOQENpfjwLwIa6PheExJCRrkP9Jy:XzYqWf93ECGdKlhKxIa6PzJ/y

    Score
    8/10
    discoverypersistencespywarestealer

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks