Overview

overview

6

Static

static

whatsapp_i...or.exe

windows7-x64

6

whatsapp_i...or.exe

windows10-2004-x64

6

Sharing

Copy URL
Twitter E-mail

General

  • Target

    993fad16ef9f3db326e281aee082d149746bb6f040ec7d11af4b63f64029a553

  • Size

    1.8MB

  • Sample

    221125-z8n9jaah9y

  • MD5

    a02614d3dc1ad61992b16f7e4b3bfd0d

  • SHA1

    bd72256ad28343b94b14939ca29b2f83d75f4189

  • SHA256

    993fad16ef9f3db326e281aee082d149746bb6f040ec7d11af4b63f64029a553

  • SHA512

    a5bc3072bdb8bdb211f8cd20af436ab6fd1e8a7b724ed9c0ca337c2b3795c746faa60b345ddb2e8f8b9993ee37703796396f4ef279d5f20a5dd44707dd72913e

  • SSDEEP

    49152:ZQJ4/JRUvSugiLXEvoXRycjH0KF7GFCBEEH46ZOoPy:ZC2J66StXRycjUKJgxmPy

Score
6/10
collectionpersistence

Malware Config

Targets

    • Target

      whatsapp_instalador.exe

    • Size

      1.8MB

    • MD5

      12ccc6110263e5897cd4e46f8d4650d6

    • SHA1

      05e0a1118fbd7ad820202511e8daf9ccca654b5f

    • SHA256

      3a49b660f81c66e17894f19222c24719af63275376cf21714eed6b28629be86e

    • SHA512

      0806fda202ff3163b0bf0e21e7f71428594ab77c296f29a9c9efacacf6eba5b04ff505d50c0b50d1cf842938ba3122e0408c387132490e2bccbd014030c7cf53

    • SSDEEP

      49152:Vj0w/x7GGdWl/MyQZouaSb8KBHKrXtzXs7:/x76FMPo1IHKbtz

    Score
    6/10
    collectionpersistence

    • Accesses Microsoft Outlook profiles

      collection

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks