Overview

overview

8

Static

static

5a1f85170b...42.exe

windows7-x64

8

5a1f85170b...42.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5a1f85170b60cf4309001b1cf3ebb6789785e51073e8a5c21b2bcfa58b258142

  • Size

    818KB

  • Sample

    221206-y3fjrsad36

  • MD5

    ee53aebccbb766f12de4907951152921

  • SHA1

    9cd7f7ad7bf28680db84eac6f6d829dd30f997e6

  • SHA256

    5a1f85170b60cf4309001b1cf3ebb6789785e51073e8a5c21b2bcfa58b258142

  • SHA512

    828ed6645be03c337587af1883d78f35e3ad7cb23af546ad7a8af62b336abf0b76c05cc33f780f32b121bc1ac1625c5494fb41b2abbc1227f13a26f974d070d3

  • SSDEEP

    12288:pCq9PMFMMOZyyY3gH27L1aXbYwt2MJFu/EUgXyWJYJKw7S3L0V4/ok7Srp5zp:pC+PMz4Ul074VPKIKw+W4tWl5zp

Score
8/10
discoverypersistencespywarestealerupx

Malware Config

Targets

    • Target

      5a1f85170b60cf4309001b1cf3ebb6789785e51073e8a5c21b2bcfa58b258142

    • Size

      818KB

    • MD5

      ee53aebccbb766f12de4907951152921

    • SHA1

      9cd7f7ad7bf28680db84eac6f6d829dd30f997e6

    • SHA256

      5a1f85170b60cf4309001b1cf3ebb6789785e51073e8a5c21b2bcfa58b258142

    • SHA512

      828ed6645be03c337587af1883d78f35e3ad7cb23af546ad7a8af62b336abf0b76c05cc33f780f32b121bc1ac1625c5494fb41b2abbc1227f13a26f974d070d3

    • SSDEEP

      12288:pCq9PMFMMOZyyY3gH27L1aXbYwt2MJFu/EUgXyWJYJKw7S3L0V4/ok7Srp5zp:pC+PMz4Ul074VPKIKw+W4tWl5zp

    Score
    8/10
    discoverypersistencespywarestealerupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Adds Run key to start application

      persistence

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks