Overview

overview

7

Static

static

8f7f4476d1...4f.exe

windows7-x64

7

8f7f4476d1...4f.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8f7f4476d157fefcd825a1456d723eed79f51b132954915726b637fd992cfc4f

  • Size

    224KB

  • Sample

    221124-ervprsbe51

  • MD5

    68e7280a89fde79cdf42db10144734b0

  • SHA1

    10cbe3651b21c15c009f123c4b694ddaff19d7df

  • SHA256

    8f7f4476d157fefcd825a1456d723eed79f51b132954915726b637fd992cfc4f

  • SHA512

    2406033cebb884bf6844362303cb6eba8c5740880447cf77d35b3fc6cb8b2629e0665bf048e21063fe9952473323586ef757718c4a230b3a3d0568f99788c95a

  • SSDEEP

    3072:hg7wCSYVYptKi7jAh2hG/qWJ4ABoXKUQsaaQqb7VTPnDPymhkVSIWCnpeqQT:hPYG/ABqEBoVZb7NPLctpzQT

Score
7/10
discoveryspywarestealer

Malware Config

Targets

    • Target

      8f7f4476d157fefcd825a1456d723eed79f51b132954915726b637fd992cfc4f

    • Size

      224KB

    • MD5

      68e7280a89fde79cdf42db10144734b0

    • SHA1

      10cbe3651b21c15c009f123c4b694ddaff19d7df

    • SHA256

      8f7f4476d157fefcd825a1456d723eed79f51b132954915726b637fd992cfc4f

    • SHA512

      2406033cebb884bf6844362303cb6eba8c5740880447cf77d35b3fc6cb8b2629e0665bf048e21063fe9952473323586ef757718c4a230b3a3d0568f99788c95a

    • SSDEEP

      3072:hg7wCSYVYptKi7jAh2hG/qWJ4ABoXKUQsaaQqb7VTPnDPymhkVSIWCnpeqQT:hPYG/ABqEBoVZb7NPLctpzQT

    Score
    7/10
    discoveryspywarestealer

    • Reads data files stored by FTP clients

      Tries to access configuration files associated with programs like FileZilla.

      spywarestealer

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks