Overview

overview

8

Static

static

8

fa78844f6f...1b.exe

windows7-x64

8

fa78844f6f...1b.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa78844f6f623c8324ce735ac906b493adea65d737e9f5a0d14cc28616762f1b

  • Size

    895KB

  • Sample

    221123-s4xa1sga9x

  • MD5

    da105a1657deff11e373994001e013cc

  • SHA1

    c89665619c0d2581430cb2ff697d5f1d4f575e4b

  • SHA256

    fa78844f6f623c8324ce735ac906b493adea65d737e9f5a0d14cc28616762f1b

  • SHA512

    892867ae6fae254354972b818c0b727d3325ac7733c87da57093fe455b75f371fd1f10456212476e8379f62b48efa1ab53ad641187c57b5912389d0e470b64ed

  • SSDEEP

    24576:ROSergr0Ktsl5Tql4VAjNanLxRv5AyDL8mGhkyfmiTh8:ROG8mEAjNanT5DgSyf9h8

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      fa78844f6f623c8324ce735ac906b493adea65d737e9f5a0d14cc28616762f1b

    • Size

      895KB

    • MD5

      da105a1657deff11e373994001e013cc

    • SHA1

      c89665619c0d2581430cb2ff697d5f1d4f575e4b

    • SHA256

      fa78844f6f623c8324ce735ac906b493adea65d737e9f5a0d14cc28616762f1b

    • SHA512

      892867ae6fae254354972b818c0b727d3325ac7733c87da57093fe455b75f371fd1f10456212476e8379f62b48efa1ab53ad641187c57b5912389d0e470b64ed

    • SSDEEP

      24576:ROSergr0Ktsl5Tql4VAjNanLxRv5AyDL8mGhkyfmiTh8:ROG8mEAjNanT5DgSyf9h8

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks