General

  • Target

    2c8bd208dbed4bc32f52987dc1844980925a28d49ed9289e347db123674c4364

  • Size

    618KB

  • Sample

    221125-xz94jahd98

  • MD5

    d40d545c3f31ccf2435a2e3d8a61c6c1

  • SHA1

    493c32b735fae9532e983f305f82beafce88482b

  • SHA256

    2c8bd208dbed4bc32f52987dc1844980925a28d49ed9289e347db123674c4364

  • SHA512

    4a26a9eec8bd218a10b111fec7c4cb12899b442de36b8270891318fd572c255669dccc8e4ca65b99ffdbb53f1499e2a6987348c0bf2d86fefafd998505c38f5d

  • SSDEEP

    12288:dQEjD8YMTq/8EPq3Z4V32z1+ZbJeMhCRiM9D3x0BBvZ:dj4vTIi3Z3ZUThCRv53x0jvZ

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    ftp.myftp.xzn.ir
  • Port:
    21
  • Username:
    u323025520.myftp
  • Password:
    123456

Targets

    • Target

      BugResult.exe

    • Size

      634KB

    • MD5

      a94c870e39993f6b9eadf4810dc1d8c0

    • SHA1

      4257249486dd3f966aa25aadd8c0865465dafaaa

    • SHA256

      86996493aa0ded11e25ef5a21e45beb22f887c30a87097aea0ad5c274808b794

    • SHA512

      7699fd1e3053858234a13eab5ac86968f739aa3afbfc9ae6245ac897ae6448c14ac7ea131a5361837c9fadd1e0d947506a33291367cc199107cfb89fea97f75b

    • SSDEEP

      12288:77CTw+aL8p301mSXWGQAWli3Genad9m9/FTyt6/JpnLwnOGv9k5A+lJL5aQ:77uwvL8p304SXWGQAWli3xnaPoFTy2bV

    • NirSoft MailPassView

      Password recovery tool for various email clients

    • NirSoft WebBrowserPassView

      Password recovery tool for various web browsers

    • Nirsoft

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses Microsoft Outlook accounts

MITRE ATT&CK Enterprise v6

Tasks