Overview

overview

8

Static

static

69498e1f8f...24.exe

windows7-x64

8

69498e1f8f...24.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    69498e1f8f5c975ffc3e98e2f1e562a308204daf80d8d6f99db075a1927e3c24

  • Size

    1.2MB

  • Sample

    221201-emxnkacf22

  • MD5

    53696819d4a5aa697ba94f8ecfa5210c

  • SHA1

    cbc476ca4a93d1fcca34d0f7bffa52cb3449c012

  • SHA256

    69498e1f8f5c975ffc3e98e2f1e562a308204daf80d8d6f99db075a1927e3c24

  • SHA512

    fb3fe785e351f6670f2d2aa3f3e408f1b34f14818bd5f4814957ab12b41c5b392f1278e06135891c3604f400d4b17495052caff81e2d466e320048cd70432566

  • SSDEEP

    12288:JPHuFlXHdoOBUoAKK9cmdhaMuE+0AAPL43ePQ0AJ8Qndu+VMlWBli400QGXYmUQQ:Ruz3dxLBqaVcoIQdurolV05g+BVMJaD

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      69498e1f8f5c975ffc3e98e2f1e562a308204daf80d8d6f99db075a1927e3c24

    • Size

      1.2MB

    • MD5

      53696819d4a5aa697ba94f8ecfa5210c

    • SHA1

      cbc476ca4a93d1fcca34d0f7bffa52cb3449c012

    • SHA256

      69498e1f8f5c975ffc3e98e2f1e562a308204daf80d8d6f99db075a1927e3c24

    • SHA512

      fb3fe785e351f6670f2d2aa3f3e408f1b34f14818bd5f4814957ab12b41c5b392f1278e06135891c3604f400d4b17495052caff81e2d466e320048cd70432566

    • SSDEEP

      12288:JPHuFlXHdoOBUoAKK9cmdhaMuE+0AAPL43ePQ0AJ8Qndu+VMlWBli400QGXYmUQQ:Ruz3dxLBqaVcoIQdurolV05g+BVMJaD

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks