General

  • Target

    SecuriteInfo.com.Variant.MSILHeracles.56954.26916.8636.exe

  • Size

    717KB

  • Sample

    221222-w52hxaeh88

  • MD5

    89fef8743b5316bdd7724624549ebacb

  • SHA1

    08a4bd1529eab7818a43f70a65e9e2651c4da1b3

  • SHA256

    d8da845a8c898905376711802d16926d683a4802f5328260a85deb21541280f3

  • SHA512

    b92fe1dc5c674fa167f20dbb7ea4203b12ecb612d5c6668e48884180318165ff759e9b22df4100cce649e3431adb13a33a297be7ecbc96af99948bb37e00f508

  • SSDEEP

    12288:51NKGD8fDPkdlL2qzhumqAPZASnCOuCtr/S0YrUmDf6/rUXJBX71YMtDRV:NKGoMzmAPZASnTuOa4if6/4XnJYMF

Score
7/10

Targets

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Suspicious use of SetThreadContext
