Overview

overview

8

Static

static

8

185c08f63d...28.exe

windows7-x64

8

185c08f63d...28.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    185c08f63df82a35c6b4ac0c11c522a98474091b3ae1c1a9fb802bac56a3fa28

  • Size

    895KB

  • Sample

    221125-v9sacsgb3y

  • MD5

    5a611265f939e493c55d2576e16849a8

  • SHA1

    508d2790811539261fcd232c5f07d1cff173c04f

  • SHA256

    185c08f63df82a35c6b4ac0c11c522a98474091b3ae1c1a9fb802bac56a3fa28

  • SHA512

    dfc82647dbd43b549c53b57a2ae06f934c6ccbdc443cb08b183a14cc21e6bdf229d2c4c8e8f0212fd1099422e0c09676e79e94cb462f7cde764545b60c09600d

  • SSDEEP

    24576:zoKVzFr/NwVAPkzMe89f4/tbDZNBYD2ctKgX:UKVzQP6f4/JDbBYD2cthX

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      185c08f63df82a35c6b4ac0c11c522a98474091b3ae1c1a9fb802bac56a3fa28

    • Size

      895KB

    • MD5

      5a611265f939e493c55d2576e16849a8

    • SHA1

      508d2790811539261fcd232c5f07d1cff173c04f

    • SHA256

      185c08f63df82a35c6b4ac0c11c522a98474091b3ae1c1a9fb802bac56a3fa28

    • SHA512

      dfc82647dbd43b549c53b57a2ae06f934c6ccbdc443cb08b183a14cc21e6bdf229d2c4c8e8f0212fd1099422e0c09676e79e94cb462f7cde764545b60c09600d

    • SSDEEP

      24576:zoKVzFr/NwVAPkzMe89f4/tbDZNBYD2ctKgX:UKVzQP6f4/JDbBYD2cthX

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks