General

  • Target: 77eed2d72a28fca639dfd1269ab2ac3d9a9229e6982306229fc6cae015b6f9ca
  • Size: 106KB
  • Sample: 221128-gvgnesbc55
  • MD5: ccf8ff587d454902ccd6a308cfac647b
  • SHA1: 6dacbbc8baf38e1a4f3938c27c4608d1da6b8edd
  • SHA256: 77eed2d72a28fca639dfd1269ab2ac3d9a9229e6982306229fc6cae015b6f9ca
  • SHA512: 8d8425156336a40945e25c5eac80f5ee3f01bbfb3ee0358363e71d0a788a686999e0a3559b3e313e4f856b9bc6726a8b52f66820e014b03dac5d628daa1e7d6e
  • SSDEEP: 3072:GefSgCjWQgOsMTbijH0UUsJRGyoutiOMYcYYrm:GaSrgOsIUzUopoSiOK

Score
8/10

Malware Config

Targets

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified UPX variant.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely as a geofence check.

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive profile data.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v6
