Overview

overview

8

Static

static

9b39c5e6e3...68.exe

windows7-x64

8

9b39c5e6e3...68.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    9b39c5e6e31310602c0c60d84a9158ec43909208f24a12c8ade7c7776b7bbe68

  • Size

    856KB

  • Sample

    221205-nev97she3s

  • MD5

    6d29e866283b0f6c6dc4da6837d98141

  • SHA1

    0975d2167bc429b02a12cc2352e0813ae641d71e

  • SHA256

    9b39c5e6e31310602c0c60d84a9158ec43909208f24a12c8ade7c7776b7bbe68

  • SHA512

    fde8fbc54c8dc22e8479e922e3582994b6fda8ecd612a63c647f818c175325f737fecb5e618583816ef47440b658c48e07b98ea5e21305dee429622fa8178d68

  • SSDEEP

    24576:sgw9zdy8I8NQInWiC7a6thTda6e8Htfn:s5FlI8NQ+WRtlda6p/

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      9b39c5e6e31310602c0c60d84a9158ec43909208f24a12c8ade7c7776b7bbe68

    • Size

      856KB

    • MD5

      6d29e866283b0f6c6dc4da6837d98141

    • SHA1

      0975d2167bc429b02a12cc2352e0813ae641d71e

    • SHA256

      9b39c5e6e31310602c0c60d84a9158ec43909208f24a12c8ade7c7776b7bbe68

    • SHA512

      fde8fbc54c8dc22e8479e922e3582994b6fda8ecd612a63c647f818c175325f737fecb5e618583816ef47440b658c48e07b98ea5e21305dee429622fa8178d68

    • SSDEEP

      24576:sgw9zdy8I8NQInWiC7a6thTda6e8Htfn:s5FlI8NQ+WRtlda6p/

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks