General

  • Target

    02496f3a4740c1bab457c3e89ba36f7a1b3ab6f932dffffd02e3d9dd4c544500

  • Size

    328KB

  • Sample

    221201-g5w6vsfe8x

  • MD5

    5b4de478c947277c0e6d13d5c73f6584

  • SHA1

    8b2f2c9d7013c55b41c3d7ded7682148a3f6a7a9

  • SHA256

    02496f3a4740c1bab457c3e89ba36f7a1b3ab6f932dffffd02e3d9dd4c544500

  • SHA512

    cd88f8f9e4777244ef80cfe5221d9e0cf102851b3229fb7d13d4cc7159a427771241552708e4c645540f2a2e42410283a0767d26cda5ce63aff0bb9bde9e0462

  • SSDEEP

    3072:mxVyS1/ob6ss17c0KafLw8xu1hESacqsOPel89/zeFKMiGQFSonGogH2Ud1CuhMz:2j/1l1mcLonPsel891MiGQFSoGX4Vdr

Malware Config

Targets

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Adds Run key to start application

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v6

Tasks