General

  • Target

    86996493aa0ded11e25ef5a21e45beb22f887c30a87097aea0ad5c274808b794

  • Size

    634KB

  • Sample

    221125-xz7y6sce3w

  • MD5

    a94c870e39993f6b9eadf4810dc1d8c0

  • SHA1

    4257249486dd3f966aa25aadd8c0865465dafaaa

  • SHA256

    86996493aa0ded11e25ef5a21e45beb22f887c30a87097aea0ad5c274808b794

  • SHA512

    7699fd1e3053858234a13eab5ac86968f739aa3afbfc9ae6245ac897ae6448c14ac7ea131a5361837c9fadd1e0d947506a33291367cc199107cfb89fea97f75b

  • SSDEEP

    12288:77CTw+aL8p301mSXWGQAWli3Genad9m9/FTyt6/JpnLwnOGv9k5A+lJL5aQ:77uwvL8p304SXWGQAWli3xnaPoFTy2bV

Score
9/10

Targets

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • NirSoft WebBrowserPassView

      Password recovery tool for various web browsers

    • Nirsoft

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.
