General

  • Target

    31bac6a65cc8d9acddaa20713ea2f25674e824c0fadf2a63d8ac9c6c01b68be6

  • Size

    255KB

  • Sample

    221127-ykt97sdh34

  • MD5

    dc18d6c13a02b6b718ac757a021fd1de

  • SHA1

    af1d202faea3831d0cc57466b9686fa34dcf21c5

  • SHA256

    31bac6a65cc8d9acddaa20713ea2f25674e824c0fadf2a63d8ac9c6c01b68be6

  • SHA512

    82c2639ea24793ad1eef19a84b388327ebf1744e1ae5736f02e0f0e0ac21efd25f93ac6d277f5a8bbde57d941681699a1ab574dbda4de696a530bfe30f957682

  • SSDEEP

    6144:bpXbhU5GPtkUtyg89TiqdUyrmII8CBaSlHRQ08Ggsm:xbhKepyhTVU+jMHR58Ggs

Malware Config

Targets

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile information.

    • Adds Run key to start application

MITRE ATT&CK Enterprise v6

Tasks