Overview

overview

10

Static

static

e4f7a40faf...ae.exe

windows7-x64

10

e4f7a40faf...ae.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    e4f7a40faff4ec8ad8feb4b3b2aa54bb8060470438bad737f4d8c4a074f09dae

  • Size

    622KB

  • Sample

    221204-qngvaagc4x

  • MD5

    4b52e1da2e800ca4ea9db4d5f5288238

  • SHA1

    8a199c2f8bba20fc6146e30399544ce406f88410

  • SHA256

    e4f7a40faff4ec8ad8feb4b3b2aa54bb8060470438bad737f4d8c4a074f09dae

  • SHA512

    5cf3683cbe6d8eceea4d4192794ca17a471fce9d135183cd5d2b8e452a077e67a34f280490c0925416d0c7d485f640c5bfab3e19319f142ee2b2fb1e1d2aa4fe

  • SSDEEP

    12288:9o7YNQXQDzdYD/jGW/nSpVAn8GxyxOzauUPnIpVyKCFJo:OwQORHW/nS3A8G8kVCFJo

Score
10/10
evasionspywarestealertrojan

Malware Config

Targets

    • Target

      e4f7a40faff4ec8ad8feb4b3b2aa54bb8060470438bad737f4d8c4a074f09dae

    • Size

      622KB

    • MD5

      4b52e1da2e800ca4ea9db4d5f5288238

    • SHA1

      8a199c2f8bba20fc6146e30399544ce406f88410

    • SHA256

      e4f7a40faff4ec8ad8feb4b3b2aa54bb8060470438bad737f4d8c4a074f09dae

    • SHA512

      5cf3683cbe6d8eceea4d4192794ca17a471fce9d135183cd5d2b8e452a077e67a34f280490c0925416d0c7d485f640c5bfab3e19319f142ee2b2fb1e1d2aa4fe

    • SSDEEP

      12288:9o7YNQXQDzdYD/jGW/nSpVAn8GxyxOzauUPnIpVyKCFJo:OwQORHW/nS3A8G8kVCFJo

    Score
    10/10
    evasionspywarestealertrojan

    • UAC bypass

      evasiontrojan

    • Windows security bypass

      evasiontrojan

    • Drops file in Drivers directory

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Windows security modification

      evasiontrojan

    • Checks whether UAC is enabled

      evasiontrojan

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks