Overview

overview

8

Static

static

d447229a30...ab.exe

windows7-x64

8

d447229a30...ab.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    d447229a304c17545584caf6c4129839ce091bd9a97ae824640212e6683772ab

  • Size

    828KB

  • Sample

    221206-jqn8tabe9s

  • MD5

    912a00dd7d2e829364d7c2778d728707

  • SHA1

    558cff5d1799a78c972835d25f7dbb9c2552e5a7

  • SHA256

    d447229a304c17545584caf6c4129839ce091bd9a97ae824640212e6683772ab

  • SHA512

    b0800aa44fd9d474c794ae712ac354fd062704245495232e9c97ef992a4bc82a66208b8776a754659de6d9729b5e79af32e65aa236283734446058e6ecd043cc

  • SSDEEP

    12288:3S9UbS+aTyCqnI1oThbeFimjhOUmH7N1aEPaC66XBgbWZihYSioAz0k72NCry:3SC4TyCJCVi01UmHax4AWZNDokeNCr

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      d447229a304c17545584caf6c4129839ce091bd9a97ae824640212e6683772ab

    • Size

      828KB

    • MD5

      912a00dd7d2e829364d7c2778d728707

    • SHA1

      558cff5d1799a78c972835d25f7dbb9c2552e5a7

    • SHA256

      d447229a304c17545584caf6c4129839ce091bd9a97ae824640212e6683772ab

    • SHA512

      b0800aa44fd9d474c794ae712ac354fd062704245495232e9c97ef992a4bc82a66208b8776a754659de6d9729b5e79af32e65aa236283734446058e6ecd043cc

    • SSDEEP

      12288:3S9UbS+aTyCqnI1oThbeFimjhOUmH7N1aEPaC66XBgbWZihYSioAz0k72NCry:3SC4TyCJCVi01UmHax4AWZNDokeNCr

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks