ba1f50e519abf2bda8f392321e6459ea6884023bd1d95085bd5189f25e15bcb0 | Triage

Submit
Reports

Overview

overview

8

Static

static

Serpodtudpwhhta.dll

windows7-x64

8

Serpodtudpwhhta.dll

windows10-2004-x64

8

Sharing

General

Target

Serpodtudpwhhta.dll
Size

4.3MB
Sample

221129-vx6l8aaa49
MD5

d655d63c333b99837e91ddd62a6f54b1
SHA1

eafb8132ab5d441bd24121db5d3d65880a68c0be
SHA256

ba1f50e519abf2bda8f392321e6459ea6884023bd1d95085bd5189f25e15bcb0
SHA512

8e39ac896100f7b2c7e68f9217fad56776780c2daa67f1eb6a31a3efca81c9cbaae3b640abb14188e997132bf078348ccaf3af34344d95baa9f52dfad5137c9b
SSDEEP

98304:2Ekp3AUUgGFofLw++PxAbc5rh5Ar/04TAIP:gp31UtFmLw95Abc5rh5Ar/NTA

Score

8^/10

collection discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

Serpodtudpwhhta.dll

Resource

win7-20220901-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

Serpodtudpwhhta.dll

Resource

win10v2004-20220901-en

collection discovery spyware stealer

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  Serpodtudpwhhta.dll
- Size
  
  4.3MB
- MD5
  
  d655d63c333b99837e91ddd62a6f54b1
- SHA1
  
  eafb8132ab5d441bd24121db5d3d65880a68c0be
- SHA256
  
  ba1f50e519abf2bda8f392321e6459ea6884023bd1d95085bd5189f25e15bcb0
- SHA512
  
  8e39ac896100f7b2c7e68f9217fad56776780c2daa67f1eb6a31a3efca81c9cbaae3b640abb14188e997132bf078348ccaf3af34344d95baa9f52dfad5137c9b
- SSDEEP
  
  98304:2Ekp3AUUgGFofLw++PxAbc5rh5Ar/04TAIP:gp31UtFmLw95Abc5rh5Ar/NTA
Score

8^/10

collection discovery spyware stealer
- Blocklisted process makes network request
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook accounts
  collection
- Accesses Microsoft Outlook profiles
  collection
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2

collectiondiscoveryspywarestealer

© 2018-2024

Terms | Privacy