General

  • Target

    3d6f916e3b3089c2eae02306e3cdafff37a5d20d59c38761658b539a9f1987f8

  • Size

    800KB

  • Sample

    221125-c2bnjaeh35

  • MD5

    e25b66d6431bdc5b52b5b5346047927e

  • SHA1

    93b0ce5ea32d7f419a58e85e45569ea06dc12865

  • SHA256

    3d6f916e3b3089c2eae02306e3cdafff37a5d20d59c38761658b539a9f1987f8

  • SHA512

    41a94ef400b26e0c3b6d019bbde169dddb7f785c99ed7df879fff0a0a87faa7740e7f6431b25d19f4e30e4294c90b9f1134bef49c2c8d2a9c58f1cb447fbcd95

  • SSDEEP

    12288:fnEWz2cqhqgaL8uGrYtOVQXY/0UQ5Z3OKn+ZMVv0Oc537UinYbeypW9zgwv9Rhw:fKhqgaouGrYuQo/Jy3OK+8jc5r1I49

Targets

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
