8f47cec3040c7c9fcf77deb3ee2c794e605c66c142f402ffeb38d0451ac9c3c9 | Triage

Submit
Reports

Overview

overview

8

Static

static

dridex

windows10-2004-x64

8

Sharing

General

Target

8f47cec3040c7c9fcf77deb3ee2c794e605c66c142f402ffeb38d0451ac9c3c9
Size

265KB
Sample

221126-apkdsscd9s
MD5

16d5bb71cd8b410cdde68344172ce826
SHA1

a9a7999d33708c5dc55aa6f7e4649995b2fe9201
SHA256

8f47cec3040c7c9fcf77deb3ee2c794e605c66c142f402ffeb38d0451ac9c3c9
SHA512

ff6101e7d6ab639c7db8cb7656f8c757048246fb2ee5f214a4b969cca894a55b81a1044d776396f311675453faef402ef2aeb8ad648316319c0bbfa4a881e433
SSDEEP

3072:ohNhrDI0wRH/Vs9/j2NiMen421sFKBRc8IYqfXvo4JEf40tQ0FN:Ek0wRH/Vs9/gin42kCDr+wi0tQ

Score

8^/10

collection discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

8f47cec3040c7c9fcf77deb3ee2c794e605c66c142f402ffeb38d0451ac9c3c9.exe

Resource

win10v2004-20220901-en

collection discovery spyware stealer

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  8f47cec3040c7c9fcf77deb3ee2c794e605c66c142f402ffeb38d0451ac9c3c9
- Size
  
  265KB
- MD5
  
  16d5bb71cd8b410cdde68344172ce826
- SHA1
  
  a9a7999d33708c5dc55aa6f7e4649995b2fe9201
- SHA256
  
  8f47cec3040c7c9fcf77deb3ee2c794e605c66c142f402ffeb38d0451ac9c3c9
- SHA512
  
  ff6101e7d6ab639c7db8cb7656f8c757048246fb2ee5f214a4b969cca894a55b81a1044d776396f311675453faef402ef2aeb8ad648316319c0bbfa4a881e433
- SSDEEP
  
  3072:ohNhrDI0wRH/Vs9/j2NiMen421sFKBRc8IYqfXvo4JEf40tQ0FN:Ek0wRH/Vs9/gin42kCDr+wi0tQ
Score

8^/10

collection discovery spyware stealer
- Blocklisted process makes network request
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

collectiondiscoveryspywarestealer

© 2018-2024

Terms | Privacy