Overview

overview

10

Static

static

ecef06cce4...89.exe

windows7-x64

7

ecef06cce4...89.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ecef06cce43e352b38f6375ec8395094111e985ff075071dba456f43f32ddb89

  • Size

    92KB

  • Sample

    221205-qed22acf58

  • MD5

    d173fa568e03d8fe35a36d72e5028cc5

  • SHA1

    aa98a12bc226f79a3e3eebda3461c225434afe70

  • SHA256

    ecef06cce43e352b38f6375ec8395094111e985ff075071dba456f43f32ddb89

  • SHA512

    986f575eb94407df4795d554ebab460220c47e05a031435cf6b1d3cfd79ca6cb54904716bb2b6c9d5e336f9b35fa29a13a66f2ca32eb98c0320bfab10c5e3dd5

  • SSDEEP

    1536:/a0kJO8PwA5DPNRUiRrVthIeqQJcRebXKvDNALKbR1XVOH:S9pfU0VthPqQJkebToXVOH

Score
10/10
evasionpersistencespywarestealertrojan

Malware Config

Targets

    • Target

      ecef06cce43e352b38f6375ec8395094111e985ff075071dba456f43f32ddb89

    • Size

      92KB

    • MD5

      d173fa568e03d8fe35a36d72e5028cc5

    • SHA1

      aa98a12bc226f79a3e3eebda3461c225434afe70

    • SHA256

      ecef06cce43e352b38f6375ec8395094111e985ff075071dba456f43f32ddb89

    • SHA512

      986f575eb94407df4795d554ebab460220c47e05a031435cf6b1d3cfd79ca6cb54904716bb2b6c9d5e336f9b35fa29a13a66f2ca32eb98c0320bfab10c5e3dd5

    • SSDEEP

      1536:/a0kJO8PwA5DPNRUiRrVthIeqQJcRebXKvDNALKbR1XVOH:S9pfU0VthPqQJkebToXVOH

    Score
    10/10
    persistencespywarestealerevasiontrojan

    • UAC bypass

      evasiontrojan

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks