Overview

overview

8

Static

static

8

a9f7907143...29.exe

windows7-x64

8

a9f7907143...29.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a9f79071437a878080914bdfb1f107ac92e3537773298aeddef2a7fc17279d29

  • Size

    84KB

  • Sample

    221127-fsm7rafb6w

  • MD5

    a2c9e147b573ccf836849e940dae51b1

  • SHA1

    698dbdd397dc0e899f697092068bcb936444c202

  • SHA256

    a9f79071437a878080914bdfb1f107ac92e3537773298aeddef2a7fc17279d29

  • SHA512

    074cca0f93abf3174c6736cf48e1b3668ef63a918a4b73b2d12141c5baf64180338d8084f6d187c52ef3ce6bda7a1d3b897c45b1191c73e629d06993b8038d25

  • SSDEEP

    1536:7OwZfhFVqFqArpiABStX3KYL6LIrebnvaQCN5caDhrn0H0+9fbFyyUv:7NhhFVvQHgtZLsITQQGa90Lu

Score
8/10
spywarestealervmprotect

Malware Config

Targets

    • Target

      a9f79071437a878080914bdfb1f107ac92e3537773298aeddef2a7fc17279d29

    • Size

      84KB

    • MD5

      a2c9e147b573ccf836849e940dae51b1

    • SHA1

      698dbdd397dc0e899f697092068bcb936444c202

    • SHA256

      a9f79071437a878080914bdfb1f107ac92e3537773298aeddef2a7fc17279d29

    • SHA512

      074cca0f93abf3174c6736cf48e1b3668ef63a918a4b73b2d12141c5baf64180338d8084f6d187c52ef3ce6bda7a1d3b897c45b1191c73e629d06993b8038d25

    • SSDEEP

      1536:7OwZfhFVqFqArpiABStX3KYL6LIrebnvaQCN5caDhrn0H0+9fbFyyUv:7NhhFVvQHgtZLsITQQGa90Lu

    Score
    8/10
    spywarestealervmprotect

    • Executes dropped EXE

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

      vmprotect

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1
T1081

Discovery

Lateral Movement

Collection

Data from Local System

1
T1005

Exfiltration

Command and Control

Impact

Tasks