ba72caf65926d8009e9604e1710cd1e2216f8e7926116a865284954570114800 | Triage

Sharing

General

Target

ba72caf65926d8009e9604e1710cd1e2216f8e7926116a865284954570114800
Size

46KB
Sample

221205-jkknfade61
MD5

b6656bdb28f9dc378887bd983b8d9c81
SHA1

c9251bb5a5d01cd38de9ca4ef590d8f5b2aaaa16
SHA256

ba72caf65926d8009e9604e1710cd1e2216f8e7926116a865284954570114800
SHA512

4e8a1eba9928d0c6c5590a8b3e61332cbda6fb6dc821e3808ab8c23630f63cabf84e1f450e4a161bd9eeed7dc0cff9e353262db4d2dce9e4db7b7d1eb78c0455
SSDEEP

768:a+TuEnMX3HuQ8p/BjEqEXceq+pDWHlQfxbmN:aBRX3DkB1Wceq+EAtmN

Score

10^/10

evasion spyware stealer upx

Malware Config

Targets

- Target
  
  ba72caf65926d8009e9604e1710cd1e2216f8e7926116a865284954570114800
- Size
  
  46KB
- MD5
  
  b6656bdb28f9dc378887bd983b8d9c81
- SHA1
  
  c9251bb5a5d01cd38de9ca4ef590d8f5b2aaaa16
- SHA256
  
  ba72caf65926d8009e9604e1710cd1e2216f8e7926116a865284954570114800
- SHA512
  
  4e8a1eba9928d0c6c5590a8b3e61332cbda6fb6dc821e3808ab8c23630f63cabf84e1f450e4a161bd9eeed7dc0cff9e353262db4d2dce9e4db7b7d1eb78c0455
- SSDEEP
  
  768:a+TuEnMX3HuQ8p/BjEqEXceq+pDWHlQfxbmN:aBRX3DkB1Wceq+EAtmN
Score

10^/10

evasion spyware stealer upx
- Modifies firewall policy service
  evasion
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionspywarestealerupx

behavioral2