General

  • Target

    bff60421a8a767bf8068ec7753db6f6bc0c7c1bd51dc484270e13dbf4a65910a

  • Size

    931KB

  • Sample

    221124-yke6aaaa21

  • MD5

    e2edda3f70459366a5bf44a14dcf36eb

  • SHA1

    fc707b1ac041abb7a7ec7adaf8891eaf73785bc8

  • SHA256

    bff60421a8a767bf8068ec7753db6f6bc0c7c1bd51dc484270e13dbf4a65910a

  • SHA512

    81a381bf8b38fc236010635f2fb95e23928573495011fbe371399c867f10d447efc7ec4d05b736583264e52a687655949e3dd117cf47490d0ab0ee94035f0f07

  • SSDEEP

    24576:h1OYdaOpCZ/iWCvu/2sWsJA/jlt+DHhsv:h1OsXCpYO/dJJDHhsv

Malware Config

Targets

    • Target

      bff60421a8a767bf8068ec7753db6f6bc0c7c1bd51dc484270e13dbf4a65910a

    • Size

      931KB

    • MD5

      e2edda3f70459366a5bf44a14dcf36eb

    • SHA1

      fc707b1ac041abb7a7ec7adaf8891eaf73785bc8

    • SHA256

      bff60421a8a767bf8068ec7753db6f6bc0c7c1bd51dc484270e13dbf4a65910a

    • SHA512

      81a381bf8b38fc236010635f2fb95e23928573495011fbe371399c867f10d447efc7ec4d05b736583264e52a687655949e3dd117cf47490d0ab0ee94035f0f07

    • SSDEEP

      24576:h1OYdaOpCZ/iWCvu/2sWsJA/jlt+DHhsv:h1OsXCpYO/dJJDHhsv

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers commonly harvest stored browser data from the user's profile directory, such as saved credentials, cookies and session tokens, and autofill data.

    • Checks installed software on the system

      Enumerates the subkeys of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (and its Wow6432Node equivalent) in the registry to list the software installed on the system; stealers commonly include this inventory in the host profile they exfiltrate.

    • Drops Chrome extension

    • Drops file in System32 directory
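
The signatures above are behaviour rules that the sandbox matched against the sample's runtime trace. As an added illustration of how such rules can be expressed (this is example code, not the sandbox's own detection logic and not code from the sample), the following Python maps Procmon-style events to the six signatures listed here. The CSV trace, the column names, the process and file names in it, and the path heuristics are all constructed assumptions for the example; the "dropped" logic simply remembers every path the trace shows being written and flags later Process Create / Load Image events on those paths.

```python
"""Map Procmon-style events to the behaviour signatures listed in the report.

Example code added for illustration; the trace below is constructed, not taken
from the sandbox run, and the heuristics are assumptions, not the sandbox's rules.
"""
import csv
import io
import re

# Constructed sample trace (Procmon CSV export shape; hypothetical process/file names).
SAMPLE_EVENTS = r"""Process Name,Operation,Path,Result
sample.exe,WriteFile,C:\Users\victim\AppData\Local\Temp\upd.exe,SUCCESS
sample.exe,WriteFile,C:\Users\victim\AppData\Local\Temp\helper.dll,SUCCESS
sample.exe,Process Create,C:\Users\victim\AppData\Local\Temp\upd.exe,SUCCESS
upd.exe,Load Image,C:\Users\victim\AppData\Local\Temp\helper.dll,SUCCESS
upd.exe,Load Image,C:\Windows\System32\kernel32.dll,SUCCESS
upd.exe,ReadFile,C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Login Data,SUCCESS
upd.exe,ReadFile,C:\Users\victim\AppData\Roaming\Mozilla\Firefox\Profiles\abcd.default\logins.json,SUCCESS
upd.exe,RegEnumKey,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall,SUCCESS
upd.exe,RegQueryValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\7-Zip\DisplayName,SUCCESS
upd.exe,WriteFile,C:\Users\victim\AppData\Local\Google\Chrome\User Data\Default\Extensions\abcdefghijklmnopabcdefghijklmnop\1.0_0\manifest.json,SUCCESS
upd.exe,WriteFile,C:\Windows\System32\drivers\etc\hosts,SUCCESS
upd.exe,RegQueryValue,HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Foo,NAME NOT FOUND
"""

# Assumed path heuristics for each signature (case-insensitive).
BROWSER_DATA_RE = re.compile(r"\\(Login Data|Cookies|Web Data|logins\.json|key4\.db)$", re.I)
UNINSTALL_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Uninstall(\\|$)", re.I)
SYSTEM32_RE = re.compile(r"^[A-Z]:\\Windows\\System32\\", re.I)
CHROME_EXT_RE = re.compile(
    r"\\Google\\Chrome\\User Data\\[^\\]+\\Extensions\\.*\\manifest\.json$", re.I)

WRITE_OPS = {"WriteFile"}
READ_OPS = {"ReadFile"}  # CreateFile would need the Detail column to tell reads from writes
REG_OPS = {"RegOpenKey", "RegEnumKey", "RegEnumValue", "RegQueryValue"}

SIGNATURES = (
    "executes_dropped_exe", "loads_dropped_dll", "reads_browser_data",
    "checks_installed_software", "drops_chrome_extension", "drops_file_in_system32",
)


def parse_events(text):
    """Parse a Procmon-style CSV export into a list of dicts."""
    return list(csv.DictReader(io.StringIO(text)))


def classify(events):
    """Return {signature: sorted list of paths that triggered it}."""
    hits = {name: set() for name in SIGNATURES}
    dropped = set()  # lower-cased paths written earlier in the same trace
    for ev in events:
        if ev["Result"] != "SUCCESS":
            continue  # failed operations (e.g. NAME NOT FOUND) are not behaviour
        op, path = ev["Operation"], ev["Path"]
        key = path.lower()
        if op in WRITE_OPS:
            dropped.add(key)
            if SYSTEM32_RE.search(path):
                hits["drops_file_in_system32"].add(path)
            if CHROME_EXT_RE.search(path):
                hits["drops_chrome_extension"].add(path)
        elif op == "Process Create" and key in dropped and key.endswith(".exe"):
            hits["executes_dropped_exe"].add(path)
        elif op == "Load Image" and key in dropped and key.endswith(".dll"):
            hits["loads_dropped_dll"].add(path)
        elif op in READ_OPS and BROWSER_DATA_RE.search(path):
            hits["reads_browser_data"].add(path)
        elif op in REG_OPS and UNINSTALL_KEY_RE.search(path):
            hits["checks_installed_software"].add(path)
    return {name: sorted(paths) for name, paths in hits.items()}


def triggered(events):
    """Names of the signatures with at least one matching event, sorted."""
    return sorted(name for name, paths in classify(events).items() if paths)


if __name__ == "__main__":
    for name, paths in classify(parse_events(SAMPLE_EVENTS)).items():
        print(f"{name}: {len(paths)} hit(s)")
        for p in paths:
            print("   ", p)
```

Note that kernel32.dll is loaded but never written by the trace, so it does not count as a dropped DLL, and the failed Run-key lookup is ignored because the rule keys on the Uninstall subtree and on successful operations only; real sandboxes also attribute events to the process tree and weight signatures by severity, which this example leaves out.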

MITRE ATT&CK Enterprise v6

Tasks