Overview

overview

8

Static

static

74829423be...d5.exe

windows7-x64

8

74829423be...d5.exe

windows10-2004-x64

5

Sharing

Copy URL Twitter E-mail

General

  • Target

    74829423bedefec14c64325250534c0803f910bb183ae1ec802d4724afa989d5

  • Size

    190KB

  • Sample

    221129-jmej7sda6x

  • MD5

    dc29903126dc25b507e6acb19b0f9862

  • SHA1

    7141ab5de0350991254954796b1fcc0b28a3d84d

  • SHA256

    74829423bedefec14c64325250534c0803f910bb183ae1ec802d4724afa989d5

  • SHA512

    99ceed709ff37fc4c7827d99d4e2dbc8f441517cf0fec618fa551c684d9f502c8e7f03faa8b49a483dfdf029cc33f29c183daa6bf7a5e49c6050588fba9654f3

  • SSDEEP

    3072:te7HhzASQDcBIDBSEidva/4bUU60sZo2Ijql1Nc2Ti+l20IRPtrf2HPcq3cQ:tIHBIDBSXdJtsZp1Njl20eb2KQ

Score
8/10
persistencespywarestealer

Malware Config

Targets

    • Target

      74829423bedefec14c64325250534c0803f910bb183ae1ec802d4724afa989d5

    • Size

      190KB

    • MD5

      dc29903126dc25b507e6acb19b0f9862

    • SHA1

      7141ab5de0350991254954796b1fcc0b28a3d84d

    • SHA256

      74829423bedefec14c64325250534c0803f910bb183ae1ec802d4724afa989d5

    • SHA512

      99ceed709ff37fc4c7827d99d4e2dbc8f441517cf0fec618fa551c684d9f502c8e7f03faa8b49a483dfdf029cc33f29c183daa6bf7a5e49c6050588fba9654f3

    • SSDEEP

      3072:te7HhzASQDcBIDBSEidva/4bUU60sZo2Ijql1Nc2Ti+l20IRPtrf2HPcq3cQ:tIHBIDBSXdJtsZp1Njl20eb2KQ

    Score
    8/10
    persistencespywarestealer

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks