General

  • Target

    1e99526ad6b74824003dac2fa8f462b0.exe

  • Size

    287KB

  • Sample

    221216-m91bzaef35

  • MD5

    1e99526ad6b74824003dac2fa8f462b0

  • SHA1

    ae81eeeecfdcd96f0ecc325b0bdbcc7ed5398572

  • SHA256

    8e680604d3cc1d3e076282896daa7c004a7c925d199b0cf362074887f7d8d90a

  • SHA512

    5394cf1e3aa0965600711047124669119eeccdb0bf9715d3a747ac31dcc15336e05e5c80e931f582cf234ec8303e4963fe531e9e5fb7bd058d07e1a92ae99b7e

  • SSDEEP

    6144:IkweALjNW/63xaRkAtLFuzL+NsCa5kUiIT6OW2WqvbJHn:3A/5xgtcyLIDmOvW4JH

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks