Overview

overview

8

Static

static

e95a850d33...96.exe

windows7-x64

8

e95a850d33...96.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    e95a850d3398c50f2e279d8ec9088c9ee6aad5e972c8e7ddf3fbea7c79235696

  • Size

    948KB

  • Sample

    221201-tyl4jabb31

  • MD5

    aa188a555484060324f7f8bd4cfc5685

  • SHA1

    1ee8beceea23a65d4ce4f73c2f9cd204fc1edd5c

  • SHA256

    e95a850d3398c50f2e279d8ec9088c9ee6aad5e972c8e7ddf3fbea7c79235696

  • SHA512

    bd748412bcc8b0daf0c802d6841752203fb8453700ac8d512796b8f08f0d4f5d1bd62ffa94b48bf1d16850171d8f75511ab2c1a1c6157bd3e9d262d87adb25fb

  • SSDEEP

    24576:1suRotmxC+hsHlsgPcvyXUcSZSHcr9S6ByOb:auKtmxCXHhPlUcSZ7UiyO

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      e95a850d3398c50f2e279d8ec9088c9ee6aad5e972c8e7ddf3fbea7c79235696

    • Size

      948KB

    • MD5

      aa188a555484060324f7f8bd4cfc5685

    • SHA1

      1ee8beceea23a65d4ce4f73c2f9cd204fc1edd5c

    • SHA256

      e95a850d3398c50f2e279d8ec9088c9ee6aad5e972c8e7ddf3fbea7c79235696

    • SHA512

      bd748412bcc8b0daf0c802d6841752203fb8453700ac8d512796b8f08f0d4f5d1bd62ffa94b48bf1d16850171d8f75511ab2c1a1c6157bd3e9d262d87adb25fb

    • SSDEEP

      24576:1suRotmxC+hsHlsgPcvyXUcSZSHcr9S6ByOb:auKtmxCXHhPlUcSZ7UiyO

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks