Overview

overview

8

Static

static

8

9b010eb993...80.exe

windows7-x64

8

9b010eb993...80.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    9b010eb9934e0e99bb214608efaab921036e95a068108eeeb03b87ae09b56a80

  • Size

    2.4MB

  • Sample

    221220-mt9wgace2s

  • MD5

    05dbe41b39c3b1ca956438b42264704c

  • SHA1

    f7f840e4598157807e8e79cde67efb46b7cfa2ee

  • SHA256

    9b010eb9934e0e99bb214608efaab921036e95a068108eeeb03b87ae09b56a80

  • SHA512

    ba6a2a6857fa41b55e71dfda7e461007def17cd802a4af4fa3142c491b933005d4850d0f07f742beb1101affe1615ef201f2231317b978895741eb423880ffe4

  • SSDEEP

    49152:4qHjjSwQWpxJgXHmDuFKB8j+gm9/NCCHME1lDEPQqKK0cB5:P6wQWNDK+/89E1lYPJKeB5

Score
8/10
spywarestealerupx

Malware Config

Targets

    • Target

      9b010eb9934e0e99bb214608efaab921036e95a068108eeeb03b87ae09b56a80

    • Size

      2.4MB

    • MD5

      05dbe41b39c3b1ca956438b42264704c

    • SHA1

      f7f840e4598157807e8e79cde67efb46b7cfa2ee

    • SHA256

      9b010eb9934e0e99bb214608efaab921036e95a068108eeeb03b87ae09b56a80

    • SHA512

      ba6a2a6857fa41b55e71dfda7e461007def17cd802a4af4fa3142c491b933005d4850d0f07f742beb1101affe1615ef201f2231317b978895741eb423880ffe4

    • SSDEEP

      49152:4qHjjSwQWpxJgXHmDuFKB8j+gm9/NCCHME1lDEPQqKK0cB5:P6wQWNDK+/89E1lYPJKeB5

    Score
    8/10
    spywarestealerupx

    • Downloads MZ/PE file

    • Executes dropped EXE

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks